Closed Bug 1374009 Opened 7 years ago Closed 7 years ago

xss in firefox

Categories

(Firefox :: Address Bar, enhancement)

Unspecified
Windows 7
enhancement
Not set
major

VERIFIED DUPLICATE of bug 255107

People

(Reporter: touqeersaddique, Unassigned)

Details

Attachments

(1 file)

705.62 KB, application/x-rar
Attached file images.rar
When I enter a specific code in the URL bar, it offers me to open a file, save a file, or open the file through other software. So there I also included the malicious code in the URL bar; when I open the file in a new tab of Firefox, the HTML entity worked...

Shows the empty screen
Gives the option to save or open the file through other software
The HTML entities worked

Through the open file bug we can render malicious files
A hacker can write some specific data on the chrome page
The HTML entities worked there
Flags: needinfo?(touqeersaddique)
Saving a file and then opening it is normal functionality, not "XSS".
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
(In reply to :Gijs from comment #1)
> Saving a file and then opening it is normal functionality, not "XSS".

OK dear, this is not an XSS, I understand that, but tell me one thing...

((data:'country_id='+data:'country_id='+<h1>asad</h1>, hacked tnhtha))


This is the URL for the opening and saving file window. I think you are kidding with me...
The second thing is that when I wrote this code in the URL bar, why was the page not rendered, and also when I put the HTML tag at the end of the code (<h1>hacked</h1>) the code will be shown on the main screen.... I did not know the name of the bug, but I request you to please review this bug one more time.
Thanks
Flags: needinfo?(touqeersaddique) → needinfo?(mak77)
(In reply to toqueer from comment #2)
> (In reply to :Gijs from comment #1)
> > Saving a file and then opening it is normal functionality, not "XSS".
> 
> OK dear, this is not an XSS, I understand that, but tell me one thing...
> 
> ((data:'country_id='+data:'country_id='+<h1>asad</h1>, hacked tnhtha))
> 
> 
> This is the URL for the opening and saving file window. I think you are
> kidding with me...
> The second thing is that when I wrote this code in the URL bar, why was the
> page not rendered, and also when I put the HTML tag at the end of the code
> (<h1>hacked</h1>) the code will be shown on the main screen.... I did not
> know the name of the bug, but I request you to please review this bug one
> more time.
> Thanks
I think your original scope was to show something like: http://www.gnucitizen.org/blog/self-contained-xss-attacks/

Based on the initial description I think this may be considered a dupe of bug 255107.
Flags: needinfo?(mak77)
Resolution: INVALID → DUPLICATE
(In reply to Marco Bonardo [::mak] from comment #4)
> I think your original scope was to show something like:
> http://www.gnucitizen.org/blog/self-contained-xss-attacks/
> 
> Based on the initial description I think this may be considered a dupe of
> bug 255107.

So what now? My bug is valid, which I already know. Am I getting some sort of bug bounty or not...
Thanks
Flags: needinfo?(mak77)
AFAIK, a bug bounty is only due for newly found critical vulnerabilities; this is a problem known for years and not critical.
Flags: needinfo?(mak77)
(In reply to Marco Bonardo [::mak] from comment #6)
> AFAIK, a bug bounty is only due for newly found critical vulnerabilities;
> this is a problem known for years and not critical.

I don't think that this is not a critical issue. This is completely a URL bar spoofing bug which I found. I think you must see those images which I sent to you and then make any decision.
Thanks
Flags: needinfo?(mak77)
The previous answer is still valid, thank you for the report, but it was already known from 13 years ago.
Flags: needinfo?(mak77)
So thank you very much for your precious time.
Thanks dear
(In reply to Marco Bonardo [::mak] from comment #8)
> The previous answer is still valid, thank you for the report, but it was
> already known from 13 years ago.
Flags: needinfo?(mak77)
Status: RESOLVED → VERIFIED
Flags: needinfo?(mak77)