Closed Bug 1265379 Opened 4 years ago Closed 4 years ago

URLBar spoofing via json

Product/Component: Firefox :: Untriaged
Type: defect
Version: 45 Branch
Priority: Not set
Severity: normal
Status: RESOLVED DUPLICATE of bug 1233672
Reporter: pobdan
Assignee: Unassigned
Attachments: 2 files

Attached image firefoxurlspoofing.png
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36

Steps to reproduce:

Open a new tab in Firefox and paste this link in the urlbar:
http://atacker.com/test","url":"mozilla.org

The issue is caused because the URL is not properly filtered when included in the JSON responsible for the suggestions.


Actual results:

You will see "Visit mozilla.org"; if you click mozilla.org, it will go to attacker.com.


Expected results:

This can be used to trick users into phishing attacks.
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1233672
Group: firefox-core-security
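
The failure mode the report describes (input spliced unescaped into the suggestion JSON), shown beside the escaped form, as an added example that is not from this bug or from Firefox's source. The `{"url": ...}` record shape and all function names are assumptions made for illustration.

```javascript
// Added illustration; NOT Firefox source. The record shape {"url": ...}
// and every function name below are assumptions.

// Constructed input: the string from the report's steps to reproduce.
const PASTED = 'http://atacker.com/test","url":"mozilla.org';

// Before: raw text spliced into a JSON template. A double quote in the
// input closes the string literal early, and the rest parses as new members.
function serializeUnsafe(typed) {
  return '{"url":"' + typed + '"}';
}

// After: the serializer escapes quotes, backslashes and control characters,
// so the typed text stays inside a single string value.
function serializeSafe(typed) {
  return JSON.stringify({ url: typed });
}

// What a consumer reads back. JSON.parse keeps the LAST duplicate key,
// so an injected second "url" member replaces the first.
function urlSeenByConsumer(serialized) {
  return JSON.parse(serialized).url;
}

// Regression check: a record is canonical only if re-serializing the parsed
// value reproduces it byte for byte. Injected duplicate members fail this.
function isCanonical(serialized) {
  try {
    return JSON.stringify(JSON.parse(serialized)) === serialized;
  } catch (e) {
    return false; // not valid JSON at all
  }
}

console.log("unsafe record :", serializeUnsafe(PASTED));
console.log("consumer sees :", urlSeenByConsumer(serializeUnsafe(PASTED)));
console.log("safe record   :", serializeSafe(PASTED));
console.log("round-trips   :", urlSeenByConsumer(serializeSafe(PASTED)) === PASTED);
console.log("canonical     :", isCanonical(serializeUnsafe(PASTED)),
            isCanonical(serializeSafe(PASTED)));
```
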