Closed Bug 1355999 Opened 9 years ago Closed 11 days ago

Categories

(bugzilla.mozilla.org :: Custom Bug Entry Forms, enhancement, P3)

Production
enhancement

Tracking

()

RESOLVED FIXED

People

(Reporter: testbr09, Unassigned)

References

()

Details

(Keywords: csectype-disclosure, reporter-external, sec-low, Whiteboard: [reporter-external] [web-bounty-form] [verif?])

Attachments

(2 files)

Hi team, I noticed a disclosure of sensitive information at https://bugzilla.mozilla.org/form.web.bounty The field Summary / Title does not have the autocomplete = off attribute. The current scenario makes the central content of a report visible to any other user of a shared device. This information seems highly sensitive to me and should not be 'stored' in this way.
Flags: sec-bounty?
Attached image POC image
Tester: thanks for the report! Dylan: Thoughts on this? Seems low risk, but probably also easy to do.
Flags: needinfo?(dylan)
Summary: Sensitive information disclosure on https://bugzilla.mozilla.org/form.web.bounty → Autocomplete on https://bugzilla.mozilla.org/form.web.bounty
The URL and description fields also have this behavior. This makes a lot of sensitive information accessible from a report in my opinion.
It would only be a lot if a shared computer was being used to file multiple security bugs... I find that scenario to be hard to imagine. We'll still turn off autocomplete but it isn't a huge priority to me.
Flags: needinfo?(dylan)
Group: websites-security → bugzilla-security
Severity: normal → enhancement
Component: Other → Custom Bug Entry Forms
Priority: -- → P3
Product: Websites → bugzilla.mozilla.org
Version: unspecified → Production
Although we should fix this (because it's easy), the threat doesn't meet the severity bar of our bug bounty program
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: sec-bounty? → sec-bounty-

This does not need to be hidden

URL: https://bugzilla.mozilla.org/form.we...https://bugzilla.mozilla.org/form.web...
Group: bugzilla-security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: