Closed Bug 542986 Opened 12 years ago Closed 12 years ago

Form manager records secure data

Categories

(SeaMonkey :: Security, defect)

SeaMonkey 2.0 Branch
x86
Windows XP
defect
Not set
critical

Tracking

(Not tracked)

VERIFIED DUPLICATE of bug 252486

People

(Reporter: bitwise, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.5) Gecko/20091102 Firefox/3.5.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1.6) Gecko/20091206 SeaMonkey/2.0.1

When examining 'formhistory.sqlite' with an sqlite editor recently, I found
 - 2 passwords (definitely never entered other than in password fields)
 - a credit card number together with its cryptogram code (definitely never entered other than on an HTTPS: page)


Reproducible: Sometimes

Steps to Reproduce:
(Am trying to re-locate the pages concerned - but I don't know how long the data has been there.)
Actual Results:  
Form manager recorded secure data 

Expected Results:  
Secure data - form fields with type 'password' and data entered on a secure page should not be stored locally unencrypted.
Version: unspecified → SeaMonkey 2.0 Branch
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 252486
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.