Closed Bug 631823 Opened 14 years ago Closed 14 years ago

Firefox allows the exposure of private information

Tracking

()

Status:

RESOLVED DUPLICATE of bug 629094

People

(Reporter: theintruder001, Unassigned)

References

(
URL
)

Details

theintruder001

Reporter

Description

•

14 years ago

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b10) Gecko/20100101 Firefox/4.0b10 Build Identifier: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0b10) Gecko/20100101 Firefox/4.0b10 It is possible to read your status info (logged in or not) on several websites by script. Reproducible: Always Steps to Reproduce: 1.Log in on Facebook, Twitter, or GMail 2.open the testwebsite https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information 3.read your result Actual Results: It shows that you are logged in or not (in case you didn't) Expected Results: It shouldn't show true results.

Kevin Brosnan

Updated

•

14 years ago

Status: UNCONFIRMED → RESOLVED

Closed: 14 years ago

Resolution: --- → DUPLICATE

Nobody; OK to take it and work on it

Assignee

Updated

•

11 years ago

Product: Firefox → Toolkit

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Firefox allows the exposure of private information

Categories

(Toolkit :: Safe Browsing, defect)

Tracking

()

People

(Reporter: theintruder001, Unassigned)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated