Closed
Bug 691938
Opened 13 years ago
Closed 13 years ago
XSS in guides.mozilla.org
Categories
(Websites :: Other, defect)
Websites
Other
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: ygjb, Unassigned)
References
Details
(Whiteboard: [infrasec:xss][ws:low])
Issue An XSS vulnerability exists in guides.mozilla.org that can be used to attack a user of an old browser. Steps to reproduce 1. Navigate to http://guides.mozilla.org/index.php?search=%2BADw-/title%2BAD4-%2BADw-script%2BAD4-alert()%2BADw-/script%2BAD4- 2. Observe the script execution. Recommendation None. The guides site will be taken off-line soon, and this vulnerability can only be leveraged against users of IE6 or earlier.
Reporter | ||
Updated•13 years ago
|
Whiteboard: [infrasec:xss][ws:low]
Reporter | ||
Updated•13 years ago
|
Comment 3•13 years ago
|
||
This site is not eligible for the bug bounty. The site is not on the bounty list and this vulnerability only impacts old browsers.
You need to log in
before you can comment on or make changes to this bug.
Description
•