Closed Bug 568114 Opened 14 years ago Closed 3 years ago

mxr.mozilla.org page content editable by paste

Categories

(Core :: DOM: Core & HTML, defect, P5)

Product:
Core
Component:
DOM: Core & HTML
Version:
1.9.2 Branch
Platform:
All
Windows XP
Type:
defect

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: mayhemer, Unassigned)

Details

Attachments

(1 file)

screenshot
142.48 KB, image/jpeg
Details
Attached image screenshot 
Not sure this is a bug or feature of mxr.mozilla.org (seems not to), but I was able to modify the page content like this (see the attachment) when searching for "nsDOMStorageDBWrapper" file name on mxr.  I have clicked somewhere to the table and not on the input box field (first of the two "file" fields), then pasted.

I need to figure out where exactly I have clicked before I pressed ctrl-v to have STR.

This is the source of the selection of the table to the left, see where "nsDOMStorageDBWrapper" is injected:

<tr>
  <td valign="top" width="35%" align="left">

   <table width="100%" bgcolor="#eeeeee" border="1" cellpadding="10" cellspacing="0">
    <tbody><tr>
     nsDOMStorageDBWrapper<td>



      <h2 align="center"><i>mozilla-central</i> Starting Points</h2>

         <font size="+1"><a href="source/"><b>/mozilla</b></a></font>
<br>
         <font size="-1">
          Browse from the root
          of this tree.
         </font>
<form method="get" action="find">
<div align="right">
<br> <b><a href="search">Search for</a>:</b>


Reporting as a potential security issue.

BuildID: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)

Will try to reproduce in safe mode.  I don't have installed any non-standard plug-ins nor much of extensions (like related to content editing).
This could be a duplicate of or related to bug 339975 comment 24.  

Also good to check bug 424627, bug 462970 and bug 522815.

Would be good to open this bug (I don't have privileges to do it).
Group: core-security
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046

Move all DOM bugs that haven’t been updated in more than 3 years and has no one currently assigned to P5.

If you have questions, please contact :mdaly.
Priority: -- → P5
Component: DOM → DOM: Core & HTML

Closing this as resolved:incomplete, mxr.mozilla.org is no longer available and the last activity on this issue was 12 years ago.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: