1287376 - XSS and code execute

Status: RESOLVED DUPLICATE of bug 38862

(bugzilla.mozilla.org :: Bug Creation/Editing, defect)

Description

[Anas Roubi]

Attachment: evilsvgfile.svg

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0
Build ID: 20160606113944

Steps to reproduce:

go to https://bugzilla.mozilla.org/enter_bug.cgi
make a new bug


Actual results:

upload the a SVG file that has a javascript code or any uther code like 
https://hackerone.com/reports/142709


Expected results:

open it after upload it will execute

Comment 1

[Anas Roubi]

think it should be fixed as possible as can because it's XSS that i can write a script with no max length and in the same time it can be XXE what is a type of RCE vulnerabilities :) 

best regrades,
Anas Roubi

Comment 2

[:Gijs (he/him)]

It doesn't run on the same domain as bugzilla, so this isn't a problem.

Comment 3

[Anas Roubi]

(In reply to :Gijs Kruitbosch from comment #2)
> It doesn't run on the same domain as bugzilla, so this isn't a problem.
> 
> *** This bug has been marked as a duplicate of bug 38862 ***

OK what about this one #1287375 ?

Comment 4

[:Gijs (he/him)]

(In reply to Anas Roubi from comment #3)
> (In reply to :Gijs Kruitbosch from comment #2)
> > It doesn't run on the same domain as bugzilla, so this isn't a problem.
> > 
> > *** This bug has been marked as a duplicate of bug 38862 ***
> 
> OK what about this one #1287375 ?

I can't see that bug, so I have no idea.

Comment 5

[Anas Roubi]

I've added you can yu see it now?

Comment 8

[:Gijs (he/him)]

Please don't disclose issues that are still security-sensitive on public bugs. I've marked your comment private.

Comment 9

[:Gijs (he/him)]

(In reply to Anas Roubi from comment #5)
> I've added you can yu see it now?

Yes, but I don't have the knowledge to evaluate that bug. Others will do so when they're awake (it's night in the US still).