RESOLVED DUPLICATE of bug 613272

Status

Webtools Graveyard
Litmus
--
critical
RESOLVED DUPLICATE of bug 613272
7 years ago
2 years ago

People

(Reporter: geeknik, Unassigned)

Tracking

Details

(Whiteboard: [infrasec:xss][ws:high])

(Reporter)

Description

7 years ago
This XSS vulnerability affects the script located @ https://litmus.mozilla.org/search_results.cgi. 

If you launch the following URL not only will you get a little popup box  on the page, but if you view the source, you can see that the input is also reflected inside a text element:

https://litmus.mozilla.org/search_results.cgi?limit=50&order_by_created=DESC&result_status=1%3CScRiPt%20%3Eprompt%28925133%29%3C%2fScRiPt%3E&timespan=all

Page Source:
<p>Custom<br/>Status is '1<ScRiPt >prompt(925133)</ScRiPt>'<br/>All Results<br/>Order by created DESC<br/>Limit to 50 results per page</p>

To fix this, you can set the script up to filter metacharacters from user input.
Group: websites-security → webtools-security
Component: other.mozilla.org → Litmus
Product: Websites → Webtools
QA Contact: other-mozilla-org → litmus
Confirmed XSS issue on search_results.cgi.
See Also: → bug 613272
Whiteboard: [infrasec:xss][ws:high]

Updated

7 years ago
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 613272
Group: webtools-security

Updated

5 years ago
Blocks: 835447
(Assignee)

Updated

2 years ago
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.