HTTP Connection on http://planet.mozillareps.org/

RESOLVED WONTFIX

Status

Websites
Other
RESOLVED WONTFIX
a year ago
a year ago

People

(Reporter: Khalid Amin, Unassigned)

Tracking

unspecified
Bug Flags:
sec-bounty -

Details

(Whiteboard: [reporter-external] [web-bounty-form] [verif?], URL)

(Reporter)

Description

a year ago
This link works on HTTP, which makes it vulnerable to Man in the middle attack.

Scenario: 
I can make it the home page on a local network in a public place, and I can see all the packets sent and received, like comments sent to a moderator before being posted.
Flags: sec-bounty?
We have many many hundreds of sites that are available over HTTP.  It's something we intend to fix, but it's going to be a long process.  Thanks for bringing it to our attention however!
Group: websites-security
Status: UNCONFIRMED → RESOLVED
Last Resolved: a year ago
Flags: sec-bounty? → sec-bounty-
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.