Closed Bug 1660704 Opened 5 years ago Closed 4 years ago

Firefox Android watch to app resource

Categories

(Firefox for Android :: General, defect)

Unspecified
Android
defect

RESOLVED DUPLICATE of bug 1684761

People

(Reporter: kiky.tokamuro, Unassigned, NeedInfo)

Details

(Keywords: reporter-external, sec-low, Whiteboard: [reporter-external] [client-bounty-form] [verif?])

Attachments

(2 files)

Firefox ver: 79.0.5 (Build #2015758619)
OS: Android 7.0

Ability to insert payload into "image" parameter on page resource://android/assets/low_and_medium_risk_error_pages.html to view app resources.

Flags: sec-bounty?
OS: Unspecified → Android
Group: firefox-core-security → mobile-core-security
Type: task → defect
Component: Security → Security: Android
Product: Firefox → Fenix
Attached file 1660704.html

HTML file showing that this is not a problem from remote pages.

Users can load a bunch of internal URLs in the address bar (mostly for testing/debugging) if they want. If it's harmful they're only hurting themselves. It's only a problem if these can be accessed from web content. That's not demonstrated here, but you didn't show the full steps that lead to your picture -- is there a way?

Flags: needinfo?(kiky.tokamuro)
Keywords: sec-low
See Also: → CVE-2021-23959
Flags: sec-bounty? → sec-bounty-
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE
Group: mobile-core-security
Component: Security: Android → General