Closed Bug 648821 Opened 13 years ago Closed 13 years ago

Cross-Site Scripting (XSS) Vulnerability Found on developer.mozilla.org

Categories

(developer.mozilla.org Graveyard :: Wiki pages, defect)

Other
Other
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 622996

People

(Reporter: chingshiong, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows NT 5.2; rv:2.0) Gecko/20100101 Firefox/4.0
Build Identifier: 

A Cross-Site Scripting (XSS) vulnerability has been discovered in developer.mozilla.org, which can be exploited by malicious users to conduct Cross-Site Scripting (XSS) attacks.

Input passed via the "pageId" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

Tested on Firefox 4.0.

FYI. Below is the PoC:

Cross-Site Scripting (XSS):
===========================
https://developer.mozilla.org/index.php?title=Special:Tags&pageId=1279'"--></style></script><script>alert(document.cookie)</script>

Reproducible: Always
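
A defensive sketch for the flaw described in the report above, added here as an example; it is not part of the original bug and not the site's code. The bug does not show the server-side handler, so the function names (`parse_page_id`, `h`, `render_tags_link`) and the markup are assumptions. It validates `pageId` as a positive integer and encodes it on output instead of reflecting the raw parameter.

```php
<?php
declare(strict_types=1);

// Hypothetical reconstruction: the bug does not show the server-side code,
// so every function name and the markup below are assumptions.
// A vulnerable handler would reflect the raw value, for example:
//   echo '<a href="?title=Special:Tags&pageId=' . $_GET['pageId'] . '">';

/** Return pageId as a positive integer, or null when it is not one. */
function parse_page_id($raw): ?int
{
    // Rejects missing values, arrays (pageId[]=x) and anything but 1-9 digits.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

/** Encode a value for an HTML text node or a quoted attribute value. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Build the response for the tags page: [HTTP status, HTML body]. */
function render_tags_link($rawPageId): array
{
    $id = parse_page_id($rawPageId);
    if ($id === null) {
        // Fail closed; the error text contains no request data.
        return [400, '<p>Invalid page id.</p>'];
    }
    // Only the validated integer reaches the markup, and it is still encoded
    // so the output stays inert if the validation is ever loosened.
    $safe = h((string) $id);
    return [200, '<a href="/index.php?title=Special:Tags&amp;pageId=' . $safe
        . '">Tags for page ' . $safe . '</a>'];
}

// Constructed inputs: a well-formed id, then one carrying markup characters.
foreach (['1279', '1279\'"--></style><b>x</b>'] as $sample) {
    [$status, $body] = render_tags_link($sample);
    echo $status, ' ', $body, PHP_EOL;
}
```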

I think this is a dupe

Component: Other → Website
Product: Websites → Mozilla Developer Network
QA Contact: other → website

(In reply to comment #1)
> I think this is a dupe

Hi Wil Clouser,
Have you tested the PoC on your machine? I have tested and it worked on my Firefox 4.0.

Please let me know if you require any further information or enquiries.
(In reply to comment #2)
> (In reply to comment #1)
> > I think this is a dupe
> 
> Hi Wil Clouser,
> Have you tested the PoC on your machine? I have tested and it worked on my
> Firefox 4.0.
> 
> Please let me know if you require any further information or enquiries.

Also, I have searched through the reported bugs and I couldn't find any duplicates.

Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE

Component: Website → Landing pages

For bugs that are resolved, we remove the security flag. These haven't had their flag removed, so I'm removing it now.

Group: websites-security
Product: developer.mozilla.org → developer.mozilla.org Graveyard