Closed
Bug 715042
Opened 13 years ago
Closed 13 years ago
Xss Vulnerability on Https://www.Wiki.Mozilla.org
Categories
(Websites :: wiki.mozilla.org, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 714540
People
(Reporter: belminv, Unassigned)
Details
(Whiteboard: [infrasec:xss][ws:high])
Hello this is Belmin Vehabovic I found a Non-persistent Vulnerability on Wiki.Mozilla.org https://wiki.mozilla.org/Special:Search?search=<script>alert("Xss By Belmin Vehabovic");</script>&x=18&y=9
Comment 1•13 years ago
|
||
Thank you for reporting this issue to us. We'll investigate the issue and provide feedback within the bug. No additional action is needed from you at this time. If you have questions or additional information please add that info to the bug. Thanks, mgoodwin
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 2•13 years ago
|
||
Issue: Reflected XSS in wiki.mozilla.org via search. Steps to reproduce: Comment #0 has a perfect explanation Remediation: Ensure all untrusted data (in this case, user input) is correctly encoded in the resulting HTML. See https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines#Preventing_XSS for more information.
Updated•13 years ago
|
Whiteboard: [infrasec:xss][ws:high]
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Updated•10 years ago
|
Group: websites-security
You need to log in
before you can comment on or make changes to this bug.
Description
•