Closed Bug 438689 Opened 17 years ago Closed 17 years ago

XSS vulnerability in MDC login page (POST only)

Categories

(developer.mozilla.org Graveyard :: General, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: bsterne, Unassigned)

References

()

Details

(Keywords: wsec-xss)

POSTing the string: foobar" onclick="alert(123); in the username field results in the following HTML in the response: <input name="name" id="nameid" tabindex="2" value="foobar" onclick="alert(123);" type="text"> Recommend using htmlentities to encode quotes, brackets, etc. in the output.
On the registration page: http://devmo.dekiwiki.mozilla.org/index.php?title=Special:Userlogin&register=true the email parameter is also vulnerable. Sample attack string: test@foo.com" onclick="alert(123);
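To make the reported defect and the recommended fix concrete, here is an added example (not code from the bug or from the MDC/Deki codebase) that rebuilds the vulnerable input-tag template, renders it with the two attack strings quoted above, and then checks the output the way a browser's parser would. The hardened renderer uses Python's html.escape(quote=True), which encodes quotes and angle brackets in the same way the htmlentities call recommended in the report would (PHP htmlentities with ENT_QUOTES); the field names and the expected attribute set are assumptions for the check.

```python
import html
from html.parser import HTMLParser

# Constructed sample inputs: the two attack strings quoted in the bug report.
USERNAME_PAYLOAD = 'foobar" onclick="alert(123);'
EMAIL_PAYLOAD = 'test@foo.com" onclick="alert(123);'

# Attributes the login-page <input> is expected to carry (assumed from the
# markup quoted in the report).
EXPECTED_ATTRS = {"name", "id", "tabindex", "value", "type"}


def render_unescaped(field_name, field_id, value):
    """Rebuilds the vulnerable template: the submitted value is interpolated raw,
    so a double quote in it terminates the value attribute."""
    return (f'<input name="{field_name}" id="{field_id}" tabindex="2" '
            f'value="{value}" type="text">')


def render_escaped(field_name, field_id, value):
    """Hardened template: html.escape(quote=True) encodes & < > " and ' before the
    value is placed inside the attribute (the Python equivalent of the
    htmlentities call recommended in the report)."""
    safe = html.escape(value, quote=True)
    return (f'<input name="{field_name}" id="{field_id}" tabindex="2" '
            f'value="{safe}" type="text">')


class _AttrCollector(HTMLParser):
    """Collects (tag, attributes) for every start tag, decoding entities in
    attribute values as a browser would."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parse_input_attrs(markup):
    """Returns the attribute dict of the first <input> tag in the markup."""
    parser = _AttrCollector()
    parser.feed(markup)
    for tag, attrs in parser.tags:
        if tag == "input":
            return attrs
    return {}


def is_attribute_injection(markup, expected_attrs=EXPECTED_ATTRS):
    """True if the parsed <input> tag carries any attribute outside the expected
    set, i.e. the submitted value broke out of the value attribute and added
    something like an event handler."""
    attrs = parse_input_attrs(markup)
    return bool(set(attrs) - set(expected_attrs))


if __name__ == "__main__":
    for payload in (USERNAME_PAYLOAD, EMAIL_PAYLOAD):
        bad = render_unescaped("name", "nameid", payload)
        good = render_escaped("name", "nameid", payload)
        print("unescaped injection:", is_attribute_injection(bad))
        print("escaped   injection:", is_attribute_injection(good))
        # After escaping, the browser still sees the original text as the value.
        print("round-tripped value :", parse_input_attrs(good)["value"] == payload)
```

The check is deliberately a parser-based one rather than a string search for "onclick": it flags any attribute the template did not emit, so it catches the same breakout with a different handler name, while the escaped output decodes back to exactly the submitted text.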
Fixed.
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Component: Deki Infrastructure → Other
Adding keywords to bugs for metrics, no action required. Sorry about bugmail spam.
Keywords: wsec-xss
For bugs that are resolved, we remove the security flag. These haven't had their flag removed, so I'm removing it now.
Group: websites-security
Product: developer.mozilla.org → developer.mozilla.org Graveyard