Closed Bug 1841515 Opened 2 years ago Closed 2 years ago

UXss via share data:url

Tracking

()

Status:

RESOLVED DUPLICATE of bug 1841516

People

(Reporter: verticaldark17, Unassigned)

References

(
URL
)

Details

(Keywords: reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])

MUHAMMAD ZAID GHIFARI

Reporter

Description

•

2 years ago

Hi team, I found a UXss vulnerability in your android browser, this is affected by the latest version of firefox and nightly.

Payload :
data:text/html;base64,PHNjcmlwdD5hbGVydCgiSGVsbG8iKTs8L3NjcmlwdD4=

Steps and reproduction :

The attacker sends the above data:url to the victim
The victim opens the data:url above in the firefox browser
Victim click enter on search engginne
The victim switches to desktop or mobile mode
Xss executable

This vulnerability requires 2 interactions, but who would have thought that this vulnerability executes arbitrary javascript and can inject javascript into the victim's browser.

Andrew McCreight [:mccr8]

Updated

•

2 years ago

Status: UNCONFIRMED → RESOLVED

Closed: 2 years ago

Duplicate of bug: 1841516

Resolution: --- → DUPLICATE

Daniel Veditz [:dveditz]

Updated

•

2 years ago

Group: firefox-core-security

David Lawrence [:dkl]

Updated

•

1 year ago

Keywords: reporter-external

You need to log in before you can comment on or make changes to this bug.

Bugzilla

UXss via share data:url

Categories

(Firefox :: Security, defect)

Tracking

()

People

(Reporter: verticaldark17, Unassigned)

References

(
URL
)

Details

(Keywords: reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated