Closed Bug 411209 Opened 13 years ago Closed 13 years ago

HTML attachments can be used to hijack Bugzilla sessions via XSS

Categories

(Bugzilla :: Attachments & Requests, defect)

defect
Not set
normal

RESOLVED DUPLICATE of bug 38862

People

(Reporter: mozilla, Unassigned)

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-us) AppleWebKit/523.10.6 (KHTML, like Gecko) Version/3.0.4 Safari/523.10.6
Build Identifier: 

Attachments can contain malicious scripts, or source in scripts from other domains that may later become malicious. By creating a malicious attachment, an attacker

Reproducible: Always

Steps to Reproduce:
1. Visit http://crypto.stanford.edu/~collinj/research/bugzilla/xss/

Actual Results:
Your Bugzilla session cookie is alerted

Expected Results:
Malicious page is not able to steal your Bugzilla cookie

Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 38862
Group: webtools-security → bugzilla-security
Group: bugzilla-security → webtools-security
Group: webtools-security → bugzilla-security
This bug is being removed from the security group because the bug that it is a duplicate of is now public, since it has been fixed and a Security Advisory has been sent about it. See bug 468249 for the Security Advisory.
Group: bugzilla-security