Closed
Bug 276988
Opened 20 years ago
Closed 18 years ago
XSS vulnerability on mozcal.org
Categories
(mozilla.org :: Miscellaneous, task)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: mikx, Assigned: mostafah)
Details
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Build Identifier: http://www.mozcal.org/faq/index.php? p=search&srcText=faq&submit=Go&cat_id=2&srcWhat="><script>alert(document.cookie) </script> Tested with Internet Explorer 6 using WinXP SP2 Reproducible: Always
Comment 1•20 years ago
|
||
For the record, this site is neither owned nor operated by the Mozilla Foundation... There's no information on the site to indicate who does own it, though, and the whois information is using one of those ID protection services. Hopefully someone on the Calendar team is familiar with it and will know who to contact though.
Updated•20 years ago
|
Component: General → Miscellaneous
Product: Calendar → mozilla.org
Version: unspecified → other
Updated•20 years ago
|
Group: security → webtools-security
Assignee | ||
Comment 2•20 years ago
|
||
I've contacted the contributor who provides mozcal.org and meanwhile I have disabled the link to it.
Comment 3•18 years ago
|
||
->invalid wasn't our site, and appears entirely down now
Group: webtools-security
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•