HTML directory indexer doesn't html-escape url

VERIFIED DUPLICATE of bug 154030

Status

Core
Security: CAPS
--
critical
16 years ago
16 years ago

People

(Reporter: bbaetz, Assigned: bbaetz)

Tracking

Trunk

Description

16 years ago
As reported by ptrs-ejy@bp.iij4u.or.jp to the security group, the uri (which is
added to the page) isn't html escaped:

<quote>
+ Exploit code:
~~~~~~~~~~~~~~~~~
<a href="ftp://'FTPserver' or
'FTP+HTTPserver'/#%3C%2ftitle%3E%3Cscript%3Ealert(%22exploit%22);%3C%2fscript%3E">Exploit</a>
</quote>

(You need to add a valid ftp server in there)

Patch coming

Comment 1

16 years ago
Oops - double submit.

*** This bug has been marked as a duplicate of 154030 ***
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → DUPLICATE
Group: security?

Comment 2

16 years ago
VERIFIED/dupe.
Status: RESOLVED → VERIFIED
Component: Networking: FTP → Security: CAPS
QA Contact: benc → bsharma
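
Added example, not part of the original bug report and not Mozilla's code: a minimal C++ sketch of the flaw the description names, where a URL is written into a generated index page's title without HTML escaping, next to the escaped form. The function names, the "Index of" title text, the percent-decoding step and the placeholder host are assumptions for illustration; the fragment is the one quoted in the report.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// Constructed sample: placeholder host plus the fragment quoted in the report.
const std::string kSampleUrl =
    "ftp://ftp.example.invalid/#%3C%2ftitle%3E%3Cscript%3Ealert(%22exploit%22);%3C%2fscript%3E";

// Decode %XX sequences, as a page generator might before displaying a URL (assumed step).
std::string PercentDecode(const std::string& in) {
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size() &&
            std::isxdigit(static_cast<unsigned char>(in[i + 1])) &&
            std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            out += static_cast<char>(std::stoi(in.substr(i + 1, 2), nullptr, 16));
            i += 2;
        } else {
            out += in[i];
        }
    }
    return out;
}

// Replace the characters that are significant in HTML text and attribute values.
std::string HtmlEscape(const std::string& in) {
    std::string out;
    for (char c : in) {
        switch (c) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            default:   out += c;
        }
    }
    return out;
}

// Flawed form: the decoded URL goes into the markup as-is and can close <title>.
std::string IndexTitleUnsafe(const std::string& url) {
    return "<title>Index of " + PercentDecode(url) + "</title>";
}

// Corrected form: escape at the point where the text is written into HTML.
std::string IndexTitleSafe(const std::string& url) {
    return "<title>Index of " + HtmlEscape(PercentDecode(url)) + "</title>";
}

int main() { std::cout << IndexTitleUnsafe(kSampleUrl) << "\n" << IndexTitleSafe(kSampleUrl) << "\n"; }
```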