Closed Bug 1362932 Opened 8 years ago Closed 8 years ago

Improper XSS fix in address_bar of firefox

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
53 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: pardeepbattu01, Unassigned)

Details

Attachments

(1 file)

firefox_xss_1.png
2.12 MB, image/png
Details
Attached image firefox_xss_1.png
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36 Steps to reproduce: 1. Go to the address bar of the firefox. 2. Enter the payload: javascript:alert(document.domain) 3. We'll see the popup with the domain name. Actual results: Hi guys, There is a XSS security issue at address bar of the firebox. You guys already applied the fix in address_bar but that is improper. You guys only encode the ' " > < these charactors, but not ) : ( these. So i am able to create xss issue with payload javascript:alert(document.domain) I have attached screenshot also, please have a look:
Typing this in the location bar yourself is not an XSS.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: