Closed Bug 1008150 Opened 11 years ago Closed 11 years ago

XSS attack

Categories

(Websites :: Other, defect)

Product:
Websites
Component:
Other
Platform:
All
Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: mohittirkey1992, Unassigned)

Details

What did you do? ================ 1. http://www.mozilla.org/security/bug-bounty.html 2. I inserted a script in the search bar provided 3. script:<BODY ONLOAD=alert('XSS')> What happened? ============== I was directed to page containing only images. ref:https://www.google.com/cse?cx=002443141534113389537%3Aysdmevkkknw&cof=FORID%3A0&q=%3CBODY+ONLOAD%3Dalert%28%27XSS%27%29%3E&x=26&y=6#gsc.tab=1&gsc.q=%3CBODY%20ONLOAD%3Dalert('XSS')%3E ref:https://www.google.com/cse?cx=002443141534113389537%3Aysdmevkkknw&cof=FORID%3A0&q=%3CBODY+ONLOAD%3Dalert%28%27XSS%27%29%3E&x=26&y=6#gsc.tab=0&gsc.q=%3CBODY%20ONLOAD%3Dalert('XSS')%3E&gsc.page=1 What should have happened? ========================== It should have displayed,the item you are looking for is not present in this website instead of showing images and other links. Is there anything else we should know? ====================================== please patch it. Thank You
Group: websites-security
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Component: General → Other
Product: Mozilla Developer Network → Websites
Resolution: --- → WONTFIX
Whiteboard: [specification][type:bug]
This entered your search terms in the google custom search which executes a google search, you then have the option for either "web" or "image" results from google for your search terms. This is expected behavior and is neither a bug nor a security bug.
Resolution: WONTFIX → INVALID
You need to log in before you can comment on or make changes to this bug.