Status

support.mozilla.org
General
RESOLVED DUPLICATE of bug 551306
8 years ago
2 years ago

People

(Reporter: chris hofmann, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

8 years ago
reported from a web site tester. have a look when you have time. 

content can be injected on the error pages as in:

 https://support.mozilla.com/tiki-error.php?error=Mozilla%20Has%20Been%20Hacked

and authstage site gets some unexpected errors.

   https://www.authstage.mozilla.com/en-US/

gets

Warning: require_once(/data/www/www.mozilla.com-svn/includes/helpers.php) [function.require-once]: failed to open stream: No such file or directory in /data/www/www.mozilla.com-svn/en-US/index.html on line 2

Fatal error: require_once() [function.require]: Failed opening required '/data/www/www.mozilla.com-svn/includes/helpers.php' (include_path='.:/usr/share/pear:/usr/share/php') in /data/www/www.mozilla.com-svn/en-US/index.html on line 2
Please file a separate bug for authstage. None of the relevant people will see it under the support.mozilla.com component.
Group: websites-security
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 551306
(Reporter)

Comment 2

8 years ago
since the injection bug already has a dup, lets just use this for the warnings on authstage.  whats the right product/component?
(In reply to comment #2)
> since the injection bug already has a dup, lets just use this for the warnings
> on authstage.  whats the right product/component?

This bug contains a description of an open, albeit minor, security issue. It shouldn't be made public again.
(Reporter)

Comment 4

8 years ago
ok, whats the right component for the other bug?
I'd file it under Websites/www.mozilla.com. If that's wrong someone will find it there.
(Reporter)

Updated

8 years ago
Blocks: 601765
These bugs are all resolved, so I'm removing the security flag from them.
Group: websites-security
You need to log in before you can comment on or make changes to this bug.