Closed
Bug 947628
Opened 11 years ago
Closed 11 years ago
Cross Site port attack/Server Side request Forgery
Categories
(Cloud Services :: General, defect)
Cloud Services
General
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 869146
People
(Reporter: nitingoplani88, Unassigned)
Details
(Whiteboard: [site:blog.mozilla.org][reporter-external])
Attachments
(1 file)
114.10 KB,
image/jpeg
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 (Beta/Release) Build ID: 20131112160018 Steps to reproduce: 1- Send POST Request to enumerate the allowed methods: <methodCall> <methodName>system.listMethods</methodName> </methodCall> 2- You will find pingback.ping method Actual results: It enumerating the methods Expected results: It should not be publicly allowed
Updated•11 years ago
|
Group: mozilla-services-security
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Flags: sec-bounty-
Resolution: --- → DUPLICATE
Whiteboard: [site:blog.mozilla.org][reporter-external]
You need to log in
before you can comment on or make changes to this bug.
Description
•