Closed Bug 154029 Opened 23 years ago Closed 23 years ago

HTML directory indexer doesn't html-escape url

Categories

(Core :: Security: CAPS, defect)

Product:
Core
Component:
Security: CAPS
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED DUPLICATE of bug 154030

People

(Reporter: bbaetz, Assigned: bbaetz)

References

(
URL
)

Details

As reported by ptrs-ejy@bp.iij4u.or.jp to the security group, the uri (which is added to the page) isn't html escaped: <quote> + Exploit code: ~~~~~~~~~~~~~~~~~ <a href="ftp://'FTPserver' or 'FTP+HTTPserver'/#%3C%2ftitle%3E%3Cscript%3Ealert(%22exploit%22);%3C%2fscript%3E">Exploit</a> </quote> (You need to add a valid ftp server in there) Patch coming
Oops - double submit. *** This bug has been marked as a duplicate of 154030 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Group: security?
VERIFIED/dupe.
Status: RESOLVED → VERIFIED
Component: Networking: FTP → Security: CAPS
QA Contact: benc → bsharma
You need to log in before you can comment on or make changes to this bug.