Closed Bug 505337 Opened 15 years ago Closed 15 years ago

XSS vuln in 'matchuser' parameter on Special:ListUsers page

Categories: developer.mozilla.org Graveyard :: General
Type: defect
Priority: Not set
Severity: critical
Tracking: Not tracked
Status: VERIFIED FIXED
Reporter: reed
Assigned: royk
Keywords: wsec-xss
Attachments: 1 file

Found by hyperscan

https://developer.mozilla.org/Special:ListUsers?matchuser=<script>alert("XSS");</script>

<div class="errormsg systemmsg" id="sessionMsg"><div class="inner"><ul><li>User <script>alert("XSS");</script> could not be found.</li></ul></div></div> 			</div>
Patch resolved the issue.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Assignee: nobody → royk
Blocks: 505301
Verified FIXED.
Status: RESOLVED → VERIFIED
Component: Deki Infrastructure → Other
Adding keywords to bugs for metrics, no action required.  Sorry about bugmail spam.
Keywords: wsec-xss
For bugs that are resolved, we remove the security flag. These haven't had their flag removed, so I'm removing it now.
Group: websites-security
Product: developer.mozilla.org → developer.mozilla.org Graveyard
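
The reflected error message quoted in the report, rendered with and without output encoding, plus a regression check that compares the parsed element structure against a benign user name. This is an added example, not the patch attached to this bug or Deki code; the template is constructed from the quoted markup, and the function names are hypothetical.

```python
import html
from html.parser import HTMLParser

# Constructed template modelled on the error markup quoted in the report.
TEMPLATE = ('<div class="errormsg systemmsg" id="sessionMsg"><div class="inner">'
            '<ul><li>User {user} could not be found.</li></ul></div></div>')
# The value from the reported URL.
PAYLOAD = '<script>alert("XSS");</script>'


def render_unsafe(matchuser):
    """Reported behaviour: the parameter is copied into the page verbatim."""
    return TEMPLATE.format(user=matchuser)


def render_safe(matchuser):
    """Encode the value for an HTML text context before inserting it."""
    return TEMPLATE.format(user=html.escape(matchuser, quote=True))


class _Outline(HTMLParser):
    """Records start tags and text as an HTML parser sees them."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.text = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_data(self, data):
        self.text.append(data)


def outline(body):
    parser = _Outline()
    parser.feed(body)
    parser.close()
    return parser.tags, "".join(parser.text)


def injects_markup(render, value, benign="nobody"):
    """True if `value` changes the element structure relative to a benign name."""
    return outline(render(value))[0] != outline(render(benign))[0]


def visible_text(render, value):
    """Text the reader sees once entities are decoded."""
    return outline(render(value))[1]
```

With encoding applied, the submitted string still appears in the message as literal text, but the parser no longer sees a `script` element.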