Closed Bug 1364600 Opened 8 years ago Closed 8 years ago

stored xss

Categories

(Websites :: Other, defect)

Product:
Websites
Component:
Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1142658

People

(Reporter: mitunjoy1, Unassigned)

Details

Attachments

(1 file)

Screenshot_484.png
329.86 KB, image/png
Details
Attached image Screenshot_484.png
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Steps to reproduce: Hello i have found an stored xss which is reflected at https://assets.mozilla.org Steps to reproduce: 1. go https://assets.mozilla.org/ 2. put this payload test"><img src=x onerror=prompt(domain)> in search box 3. click search you will see a pop up alert of xss Actual results: Please let me know if you need more information. Hope You'll fix this one.. Be Safe Thanks
Group: firefox-core-security → websites-security
Component: Untriaged → Other
Product: Firefox → Websites
This is actually a self-xss, but unfortunately it has already been submitted. Thank you, though!
Group: websites-security
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: