Closed
Bug 713567
Opened 13 years ago
Closed 13 years ago
Cross site scripting on registration page
Categories
(Websites Graveyard :: drumbeat.org, defect)
Websites Graveyard
drumbeat.org
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: netfuzzerr, Assigned: boozeniges)
Details
(Keywords: wsec-xss, Whiteboard: [infrasec:xss][ws:moderate])
User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7 Steps to reproduce: Hello, There is a cross site scripting vulnerability in Mozilla Drumbeat. The failure occurs when a User enters a "username" in Mozilla Drumbeat page shows a prediction without properly encode well allowing you to add HTML tags. Reproduce: 1. Open https://www.drumbeat.org/en-US/register/. 2. In user name type <script>alert('XSSED')</script>. 3. See the alert. Regards, Mario Actual results: not encode properly so allowing you to add HTML tags.
Reporter | ||
Updated•13 years ago
|
Severity: normal → major
Comment 1•13 years ago
|
||
Thank you for reporting this issue to us. We'll investigate the issue and provide feedback within the bug. No additional action is needed from you at this time. If you have questions or additional information please add that info to the bug. Thanks, mgoodwin
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 2•13 years ago
|
||
Issue: There is a DOM XSS condition in https://www.drumbeat.org/en-US/register/ in the username field. Steps to reproduce: See comment #0 Remediation: Correctly entity encode any user supplied input prior to addition to the DOM.
Updated•13 years ago
|
Assignee: nobody → ross
Updated•13 years ago
|
Whiteboard: [infrasec:xss][ws:moderate]
Assignee | ||
Comment 3•13 years ago
|
||
Fixed on https://drumbeat.org/en-US/register/ (I believe)
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•13 years ago
|
||
Only for know, this bug don't have chance for participate of security bounty program,right?
Reporter | ||
Comment 6•13 years ago
|
||
Can somebody remove the security flag?
Updated•13 years ago
|
Group: websites-security
Comment 8•13 years ago
|
||
Hi Mario, All community reported bugs are nominated for review by the bug bounty team, and a decision is made on a case-by-case basis. That team will make a determination regarding whether or not the bug qualifies and get back to you. Thank you for reporting this bug!
Reporter | ||
Comment 9•13 years ago
|
||
Ok, thanks for response.
Updated•13 years ago
|
Summary: Cross site scripting when cadastration page → Cross site scripting on registration page
Comment 10•13 years ago
|
||
Mario, We reviewed this bug for bounty consideration. This site is not on the bounty list and this particular issue, while of course not desirable, does not place users at significant risk. This assessment is based more on the overall risk of the website (and also why we chose not to include this site within the bounty scope) However, we do appreciate you reporting this bug and have addressed the issue.
Reporter | ||
Comment 11•13 years ago
|
||
Okay. I predicted this, a XSS very integration of the User. Thanks for fast fix and response!
Reporter | ||
Comment 12•11 years ago
|
||
why this "Blocks 836522" in all my old reports?
Comment 13•11 years ago
|
||
(In reply to Mario Gomes from comment #12) > why this "Blocks 836522" in all my old reports? 836522 is a metabug we are trying for the bounty program. The goal is to make it easier to find dupes within a component and help obtain a consistent payout amount for similar bugs in a component.
Comment 14•11 years ago
|
||
Adding keywords to bugs for metrics, no action required. Sorry about bugmail spam.
Keywords: wsec-xss
Updated•9 years ago
|
Product: Websites → Websites Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•