Closed
Bug 1731719
Opened 3 years ago
Closed 3 years ago
HTML injection to SSRF
Categories
(Firefox :: Untriaged, defect)
RESOLVED
DUPLICATE
of bug 1729452
People
(Reporter: iamnew443, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0
Steps to reproduce:
Vulnerable URL: "https://support.mozilla.org/en-US/questions/new/firefox-enterprise/form"
This form allows injecting the <img> HTML tag.
1. Visit: https://support.mozilla.org/en-US/questions/new/firefox-enterprise/form
2. Inject the following code in the description box:
   <img src="<your server addr>" width="200"/>
3. Then submit the form.
Actual results:
It will make a request to the specified server.
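A server-side check for the condition reported above, as an added example that is not part of the original bug report or of Mozilla's code: it parses submitted markup and lists every tag attribute that would load a resource from a host outside an allowlist. The allowlist contents, the function and class names, and the `collector.example` sample input are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts this site accepts images from (hypothetical allowlist).
ALLOWED_HOSTS = {"support.mozilla.org"}
# Tag -> attributes that trigger a fetch when the markup is rendered.
FETCH_ATTRS = {"img": ("src", "srcset"), "source": ("src", "srcset"),
               "video": ("src", "poster"), "audio": ("src",), "input": ("src",)}


def is_off_site(url, allowed_hosts):
    """True if url names a host outside the allowlist (relative URLs pass)."""
    try:
        # Browsers treat backslashes like slashes, so \\host\x means //host/x.
        host = urlsplit(url.strip().replace("\\", "/")).hostname
    except ValueError:
        return True  # unparseable authority: fail closed
    return host is not None and host.lower() not in allowed_hosts


class RemoteFetchFinder(HTMLParser):
    """Collects (tag, attribute, url) for each off-site resource reference."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):  # also called for <img ... />
        for name, value in attrs:
            if name not in FETCH_ATTRS.get(tag, ()) or not value:
                continue
            # srcset is a comma-separated list of "url descriptor" entries.
            urls = ([c.split()[0] for c in value.split(",") if c.strip()]
                    if name == "srcset" else [value])
            self.findings += [(tag, name, u) for u in urls
                              if is_off_site(u, self.allowed_hosts)]


def find_remote_fetches(markup, allowed_hosts=ALLOWED_HOSTS):
    finder = RemoteFetchFinder(allowed_hosts)
    finder.feed(markup)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    # Constructed submission modelled on the report's payload.
    body = 'Help! <img src="https://collector.example/p.png" width="200"/>'
    print(find_remote_fetches(body))
```

A non-empty result means the submission should be rejected or have the flagged attributes stripped or proxied before it is stored or rendered.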
Updated • 3 years ago
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE