HTML attachments can be used to hijack Bugzilla sessions via XSS

RESOLVED DUPLICATE of bug 38862


People

(Reporter: mozilla, Unassigned)


(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-us) AppleWebKit/523.10.6 (KHTML, like Gecko) Version/3.0.4 Safari/523.10.6
Build Identifier: 

Attachments can contain malicious scripts, or source in scripts from other domains that may later become malicious. By creating a malicious attachment, an attacker

Reproducible: Always

Steps to Reproduce:
1. Visit http://crypto.stanford.edu/~collinj/research/bugzilla/xss/
Actual Results:  
Your Bugzilla session cookie is alerted

Expected Results:  
Malicious page is not able to steal your Bugzilla cookie
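
The condition this report describes can be checked from response headers alone. The following is an added example, not part of the original report or of Bugzilla's code; the hosts, cookie name and the `audit_attachment` helper are assumptions made for illustration. It flags an attachment response that a browser would render as active content in the application's own origin, and whether the session cookie would then be readable from script.

```python
from urllib.parse import urlsplit

# Types a browser executes script from when they are rendered inline.
ACTIVE_TYPES = {"text/html", "application/xhtml+xml", "image/svg+xml"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """(scheme, host, port) tuple that the same-origin policy compares."""
    u = urlsplit(url)
    return (u.scheme, u.hostname, u.port or DEFAULT_PORTS.get(u.scheme))


def audit_attachment(app_url, attachment_url, headers, set_cookie):
    """Findings for one attachment response plus the app's session Set-Cookie value."""
    h = {k.lower(): v for k, v in headers.items()}
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    disposition = h.get("content-disposition", "inline").split(";")[0].strip().lower()
    # CSP "sandbox" without allow-same-origin gives the document an opaque origin.
    csp = h.get("content-security-policy", "").lower()
    directives = [d.split() for d in csp.split(";") if d.strip()]
    sandbox = next((d for d in directives if d[0] == "sandbox"), None)
    isolated = sandbox is not None and "allow-same-origin" not in sandbox

    findings = []
    if (ctype in ACTIVE_TYPES and disposition != "attachment"
            and origin(app_url) == origin(attachment_url) and not isolated):
        findings.append("attachment renders as active content in the application's origin")
        # HttpOnly only hides the cookie; script in the origin can still act in the session.
        attrs = [a.strip().lower() for a in set_cookie.split(";")[1:]]
        if "httponly" not in attrs:
            findings.append("session cookie is readable from script (no HttpOnly)")
    return findings


# Constructed sample data: hosts, cookie name and values are illustrative.
APP = "https://bugs.example/"
COOKIE = "session=abc123; Path=/; Secure"
SAME_HOST = "https://bugs.example/attachment.cgi?id=1"
OTHER_HOST = "https://attachments.example/attachment.cgi?id=1"
HTML = {"Content-Type": "text/html; charset=UTF-8"}

if __name__ == "__main__":
    print(audit_attachment(APP, SAME_HOST, HTML, COOKIE))   # two findings
    print(audit_attachment(APP, OTHER_HOST, HTML, COOKIE))  # no findings
```
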

Updated

11 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 38862
(Reporter)

Comment 2

11 years ago
Created attachment 295846
Example attachment that sources in script from another domain
Group: webtools-security → bugzilla-security
Group: bugzilla-security → webtools-security
Group: webtools-security → bugzilla-security

Comment 3

10 years ago
This bug is being removed from the security group because the bug that it is a duplicate of is now public, since it has been fixed and a Security Advisory has been sent about it. See bug 468249 for the Security Advisory.
Group: bugzilla-security