Closed
Bug 1780479
Opened 3 years ago
Closed 3 years ago
XSS via DevTools with eval(location.hash.substring(1));
Categories
(DevTools :: Console, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1732543
People
(Reporter: adonkidz7, Unassigned)
Details
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
Steps to reproduce:
- open Firefox browser
- go to https://www.google.com/search?q=a&source=lmns&bih=961&biw=1461&hl=en&sa=X&ved=2ahUKEwjYsOyMl4f5AhUq7nMBHWwJDVUQ_AUoAHoECAEQAA#dobs=
- in Dictionary
- type this: Reflect.apply(alert,null,[document.domain]); in Search for a word bar
- open devtools (F12)
- go to console
- paste this code in console: eval(location.hash.substring(1));
Actual results:
A pop-up alert appears when I paste the code in devtools.
Expected results:
Is it the same as this bug? https://bugzilla.mozilla.org/show_bug.cgi?id=1732543
If this is a duplicate, just close this discussion.
Thank you!
Reporter
Updated • 3 years ago
Component: Untriaged → Console
Product: Firefox → DevTools
Reporter
Comment 1 • 3 years ago
Comment 2 • 3 years ago
The fact that the console runs arbitrary scripts, and that it's dangerous to paste in scripts from strangers is inherent to what Developer Tools have to do to be useful (in all browsers).
That it happens immediately when you paste or type that string (eager evaluation) is the same as bug 1732543.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → DUPLICATE