User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7

Steps to reproduce:
Hello,

There is a cross-site scripting vulnerability in Mozilla Drumbeat. The failure occurs when a user enters a "username": the Mozilla Drumbeat page shows a prediction without properly encoding it, allowing you to add HTML tags.

Reproduce:
1. Open https://www.drumbeat.org/en-US/register/.
2. In the user name field type <script>alert('XSSED')</script>.
3. See the alert.

Regards,
Mario

Actual results:
Not encoded properly, allowing you to add HTML tags.
Thank you for reporting this issue to us. We'll investigate the issue and provide feedback within the bug. No additional action is needed from you at this time. If you have questions or additional information please add that info to the bug. Thanks, mgoodwin
Issue: There is a DOM XSS condition in https://www.drumbeat.org/en-US/register/ in the username field.

Steps to reproduce: See comment #0

Remediation: Correctly entity-encode any user-supplied input prior to addition to the DOM.
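As an added illustration of the remediation in the comment above (this is example code, not Drumbeat's own code), the following hypothetical username preview is rendered the unsafe way the report describes, beside an entity-encoded version. The function names and the markup are assumptions; the payload is the one from comment #0.

```javascript
// Added example, not Drumbeat's code: a hypothetical "your username will be"
// preview rendered unsafely, beside the entity-encoded fix.

// Constructed input: the reproduction payload from comment #0.
const PAYLOAD = "<script>alert('XSSED')</script>";

// Unsafe: user input is interpolated straight into HTML markup. In a browser this
// is what assigning the string to innerHTML (or document.write) does: the tags
// are parsed and any script they carry runs in the page's origin.
function renderPreviewUnsafe(username) {
  return `<p>Your username will be: <strong>${username}</strong></p>`;
}

// Entity-encode the characters that can change HTML structure in element
// content or break out of a quoted attribute value.
function escapeHtml(str) {
  const map = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#x27;",
  };
  return String(str).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Safe: the value is still placed in the markup, but can only ever be text.
// The assumed DOM equivalent is `node.textContent = username`, which needs no
// encoding at all because no HTML parsing takes place.
function renderPreviewSafe(username) {
  return `<p>Your username will be: <strong>${escapeHtml(username)}</strong></p>`;
}

// Rough check used only to show the difference on string output: does the
// rendered HTML still contain a live <script> start tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log("unsafe:", renderPreviewUnsafe(PAYLOAD));
console.log("safe:  ", renderPreviewSafe(PAYLOAD));
```

Entity encoding is the right fix for the HTML element context the report describes. If the same value were instead written into a JavaScript string, a URL, or an event-handler attribute, HTML entity encoding alone would not be sufficient, and that context's own encoding rules (or, better, assigning via textContent / a DOM API that takes text) would be needed.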
Fixed on https://drumbeat.org/en-US/register/ (I believe)
Just so I know, this bug doesn't have a chance of participating in the security bounty program, right?
Can somebody remove the security flag?
Hi Mario, All community reported bugs are nominated for review by the bug bounty team, and a decision is made on a case-by-case basis. That team will make a determination regarding whether or not the bug qualifies and get back to you. Thank you for reporting this bug!
Ok, thanks for the response.
Mario, We reviewed this bug for bounty consideration. This site is not on the bounty list and this particular issue, while of course not desirable, does not place users at significant risk. This assessment is based more on the overall risk of the website (and is also why we chose not to include this site within the bounty scope). However, we do appreciate you reporting this bug and have addressed the issue.
Okay. I predicted this, an XSS very dependent on user interaction. Thanks for the fast fix and response!
Why is this "Blocks 836522" in all my old reports?
(In reply to Mario Gomes from comment #12)
> Why is this "Blocks 836522" in all my old reports?

836522 is a metabug we are trying for the bounty program. The goal is to make it easier to find dupes within a component and to help obtain a consistent payout amount for similar bugs in a component.
Adding keywords to bugs for metrics, no action required. Sorry about bugmail spam.