Closed Bug 542986 Opened 15 years ago Closed 15 years ago

Form manager records secure data

Categories

(SeaMonkey :: Security, defect)

Product:
SeaMonkey
Component:
Security
Version:
SeaMonkey 2.0 Branch
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 252486

People

(Reporter: bitwise, Unassigned)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.5) Gecko/20091102 Firefox/3.5.5
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1.6) Gecko/20091206 SeaMonkey/2.0.1

When examining 'formhistory.sqlite' with an sqlite editor recently, I found
 - 2 passwords (definitely never entered other than in password fields)
 - a credit card number together with its cryptogram code (definitely never entered other than on an HTTPS: page)


Reproducible: Sometimes

Steps to Reproduce:
(Am trying to re-locate the pages concerned - but I don't know how long the data has been there.)
Actual Results:  
Form manager recorded secure data 

Expected Results:  
Secure data - form fields with type 'password' and data entered on a secure page should not be stored locally unencrypted.
Version: unspecified → SeaMonkey 2.0 Branch
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.