XSS vulnerability in MDC login page (POST only)

RESOLVED FIXED

Status

Mozilla Developer Network
General
RESOLVED FIXED
9 years ago
2 years ago

People

(Reporter: bsterne, Unassigned)

Tracking

({wsec-xss})

Details

(URL)

(Reporter)

Description

9 years ago
POSTing the string:
foobar" onclick="alert(123);

in the username field results in the following HTML in the response:
<input name="name" id="nameid" tabindex="2" value="foobar" onclick="alert(123);" type="text">

Recommend using htmlentities to encode quotes, brackets, etc. in the output.
(Reporter)

Comment 1

9 years ago
On the registration page:
http://devmo.dekiwiki.mozilla.org/index.php?title=Special:Userlogin&register=true

the email parameter is also vulnerable.  Sample attack string:
test@foo.com" onclick="alert(123);
Fixed.
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
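The description and Comment 1 both describe the same defect: a user-supplied value written into a double-quoted HTML attribute without encoding, so a `"` in the input closes the attribute and whatever follows becomes new attributes on the tag. Below is an added example (not code from the Deki wiki or from the bug's fix) that reproduces the rendering with the reporter's two test strings and puts the hardened form beside it. It uses Python's `html.escape(quote=True)` as the equivalent of the `htmlentities()` the report recommends; the field names, the `injected_attributes` checker and the sample values are assumptions constructed for the example.

```python
import html
import re

# Constructed sample inputs: the reporter's test strings for the username
# (description) and the email field (Comment 1).
SAMPLE_USERNAME = 'foobar" onclick="alert(123);'
SAMPLE_EMAIL = 'test@foo.com" onclick="alert(123);'

# Attributes the template itself emits; a hardened render must never produce others.
TEMPLATE_ATTRIBUTES = ["name", "id", "tabindex", "value", "type"]


def render_input_vulnerable(field: str, value: str) -> str:
    """Reproduces the defect from the report: the value is interpolated into a
    quoted attribute with no encoding, so a double quote in the input closes
    the attribute and the rest of the string becomes new attributes."""
    return (f'<input name="{field}" id="{field}id" tabindex="2" '
            f'value="{value}" type="text">')


def render_input_fixed(field: str, value: str) -> str:
    """Hardened form: encode the value for an HTML attribute context.
    html.escape(value, quote=True) rewrites &, <, >, " and ' as entities, the
    same job htmlentities($value, ENT_QUOTES) does in PHP, so no input can
    terminate the attribute it is placed in."""
    return (f'<input name="{field}" id="{field}id" tabindex="2" '
            f'value="{html.escape(value, quote=True)}" type="text">')


def injected_attributes(rendered: str) -> list:
    """Detection aid (assumed helper): list every attribute name that starts a
    quoted value in the rendered tag. Anything beyond TEMPLATE_ATTRIBUTES
    means input broke out of the value attribute."""
    return re.findall(r'\s([A-Za-z_:-]+)="', rendered)


def renders_safely(field: str, value: str) -> bool:
    """True when the hardened renderer yields exactly the template's attributes."""
    return injected_attributes(render_input_fixed(field, value)) == TEMPLATE_ATTRIBUTES


if __name__ == "__main__":
    for field, value in (("name", SAMPLE_USERNAME), ("email", SAMPLE_EMAIL)):
        print("vulnerable:", render_input_vulnerable(field, value))
        print("           attributes:", injected_attributes(render_input_vulnerable(field, value)))
        print("fixed:     ", render_input_fixed(field, value))
        print("           attributes:", injected_attributes(render_input_fixed(field, value)))
```

Running the script shows the vulnerable render growing an `onclick` attribute for both inputs, while the fixed render keeps the value inside `value="..."` as `&quot;`-encoded text. The `quote=True` argument matters: without it (or without `ENT_QUOTES` in PHP) quotes pass through unchanged and the attribute can still be closed.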
(Assignee)

Updated

5 years ago
Component: Deki Infrastructure → Other
Product: Mozilla Developer Network → Mozilla Developer Network
Adding keywords to bugs for metrics, no action required.  Sorry about bugmail spam.
Keywords: wsec-xss
For bugs that are resolved, we remove the security flag. These haven't had their flag removed, so I'm removing it now.
Group: websites-security