Closed Bug 1287376 Opened 5 years ago Closed 5 years ago

XSS and code execute

Categories: bugzilla.mozilla.org :: Bug Creation/Editing, defect
Production, defect, Not set, normal

Tracking: RESOLVED DUPLICATE of bug 38862

People: Reporter: anasroubi, Unassigned

Attachments (1 file)

Attached image evilsvgfile.svg
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0
Build ID: 20160606113944

Steps to reproduce:

go to https://bugzilla.mozilla.org/enter_bug.cgi
make a new bug


Actual results:

upload an SVG file that has JavaScript code or any other code, like
https://hackerone.com/reports/142709


Expected results:

open it after upload; it will execute
I think it should be fixed as soon as possible because it's XSS where I can write a script with no max length, and at the same time it can be XXE, which is a type of RCE vulnerability :)

best regards,
Anas Roubi
It doesn't run on the same domain as bugzilla, so this isn't a problem.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Component: Untriaged → Bug Creation/Editing
Product: Firefox → bugzilla.mozilla.org
Resolution: --- → DUPLICATE
Version: 47 Branch → Production
Duplicate of bug: 38862
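The report above (a script-bearing SVG uploaded as an attachment) and the reply that it does not run on the Bugzilla domain together describe the control that settles this bug: user attachments are served from a separate origin, so any script inside them executes without the application origin's cookies, storage or DOM. The Python below is an added illustration of that policy and is not Bugzilla's own code; the two origins, the attachment path, the header set and the sample files are assumptions constructed for the example. It also shows the weaker fallback a same-origin deployment would need (forcing a download instead of inline rendering).

```python
import re
from dataclasses import dataclass, field

# Hypothetical origins for this example (not Bugzilla's actual deployment).
APP_ORIGIN = "https://bugtracker.example"
ATTACHMENT_ORIGIN = "https://attachments.bugtracker.example"

# Types a browser renders as a document, so script embedded in them executes.
ACTIVE_CONTENT_TYPES = {
    "image/svg+xml",
    "text/html",
    "application/xhtml+xml",
    "text/xml",
    "application/xml",
}

# Script or external-entity markers inside a text-like body (defence in depth only;
# the origin split is the real control, this catches mislabelled uploads).
ACTIVE_MARKERS = re.compile(
    rb"<\s*script\b|\son[a-z]+\s*=|javascript:|<!ENTITY", re.IGNORECASE
)


@dataclass(frozen=True)
class ServedAttachment:
    url: str
    headers: dict = field(default_factory=dict)


def is_active_content(content_type: str, body: bytes) -> bool:
    """True when rendering the file inline could run script or resolve entities."""
    base_type = content_type.split(";", 1)[0].strip().lower()
    if base_type in ACTIVE_CONTENT_TYPES:
        return True
    return ACTIVE_MARKERS.search(body[:4096]) is not None


def plan_attachment_response(
    attachment_id: int,
    content_type: str,
    body: bytes,
    serve_origin: str = ATTACHMENT_ORIGIN,
) -> ServedAttachment:
    """Decide where an upload is served from and which headers accompany it.

    On the dedicated attachment origin, active content may render inline: a
    script inside it only gets that origin's (empty) privileges, and the CSP
    sandbox additionally makes the document an opaque origin with no script.
    If the file were served from the application origin instead, inline
    rendering would be same-origin XSS, so the fallback forces a download.
    """
    headers = {
        "Content-Type": content_type,
        "X-Content-Type-Options": "nosniff",  # stop the browser promoting the type
    }
    active = is_active_content(content_type, body)
    if active:
        headers["Content-Security-Policy"] = "sandbox; default-src 'none'"
    if active and serve_origin == APP_ORIGIN:
        headers["Content-Disposition"] = (
            f'attachment; filename="attachment-{attachment_id}"'
        )
    else:
        headers["Content-Disposition"] = "inline"
    # Hypothetical attachment path; not a real Bugzilla route.
    return ServedAttachment(f"{serve_origin}/attachments/{attachment_id}", headers)


# Constructed sample inputs: an SVG carrying a script element and a PNG header.
SAMPLE_SVG = (
    b'<svg xmlns="http://www.w3.org/2000/svg"><script>'
    b"/* constructed sample: any script here would run if rendered on the app origin */"
    b"</script></svg>"
)
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16


if __name__ == "__main__":
    for cid, ctype, body in ((1, "image/svg+xml", SAMPLE_SVG), (2, "image/png", SAMPLE_PNG)):
        planned = plan_attachment_response(cid, ctype, body)
        print(planned.url, planned.headers)
```

Running it prints the attachment-origin URL for both samples; only the SVG carries the sandboxing CSP, and only a same-origin call (`serve_origin=APP_ORIGIN`) turns the SVG into a forced download. The marker scan is deliberately secondary: it can miss obfuscated content, which is exactly why the thread's answer relies on the origin boundary rather than on filtering uploads.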
(In reply to :Gijs Kruitbosch from comment #2)
> It doesn't run on the same domain as bugzilla, so this isn't a problem.
> 
> *** This bug has been marked as a duplicate of bug 38862 ***

OK, what about this one, #1287375?
(In reply to Anas Roubi from comment #3)
> (In reply to :Gijs Kruitbosch from comment #2)
> > It doesn't run on the same domain as bugzilla, so this isn't a problem.
> > 
> > *** This bug has been marked as a duplicate of bug 38862 ***
> 
> OK what about this one #1287375 ?

I can't see that bug, so I have no idea.
I've added you; can you see it now?
Please don't disclose issues that are still security-sensitive on public bugs. I've marked your comment private.
(In reply to Anas Roubi from comment #5)
> I've added you can yu see it now?

Yes, but I don't have the knowledge to evaluate that bug. Others will do so when they're awake (it's night in the US still).