Closed
Bug 1883456
Opened 2 years ago
Closed 2 years ago
WebAuthn API Can Hide Fullscreen Notifications on Android
Categories
(Firefox for Android :: General, defect)
RESOLVED
DUPLICATE
of bug 1865413
People
(Reporter: fazim.pentester, Unassigned)
Details
(Keywords: reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])
Attachments
(2 files)
Using the Web Authentication API, a malicious site could hide Firefox's fullscreen notification toast on Android, potentially allowing it to spoof the browser by impersonating trusted sites with custom address bars.
Steps to Reproduce:
- Download the poc.html file.
- Host an HTTPS server using the proof-of-concept file.
- Open the Android Firefox browser and navigate to the HTTPS server to begin testing.
Flags: sec-bounty?
Updated•2 years ago
Group: firefox-core-security → core-security
Component: Security → DOM: Web Authentication
Product: Firefox → Core
Updated•2 years ago
Group: core-security → crypto-core-security
Comment 1•2 years ago
tthibaud, is this a dupe of bug 1865413? The description sounds the same but I didn't look at the test case.
Group: crypto-core-security → mobile-core-security
Component: DOM: Web Authentication → General
Flags: needinfo?(tthibaud)
Product: Core → Fenix
Reporter
Comment 2•2 years ago
(In reply to Andrew McCreight [:mccr8] from comment #1)
> tthibaud, is this a dupe of bug 1865413? The description sounds the same but I didn't look at the test case.
Kindly cc, Thanks
Reporter
Comment 3•2 years ago
Demo HTTPS Site: https://test-ece44.web.app/firefox/webauth.html
Updated•2 years ago
Flags: sec-bounty? → sec-bounty-
Updated•2 years ago
Flags: needinfo?(tthibaud)
Updated•1 year ago
Keywords: reporter-external
Updated•7 months ago
Group: mobile-core-security