User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1 Build ID: 20120905151427 Steps to reproduce: Hello, I found a reflected XSS on donate.mozilla.org: https://donate.mozilla.org/page/event/rsvp_email_preview?type=html&data=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E Thanks, Luca
Hi Luca, thanks for reporting. I am confirming this as it works as expected for me. We'll get a developer looking at it shortly. Thanks, Matt
Status: UNCONFIRMED → NEW
Ever confirmed: true
I'm cc'ing Seth on this since this is a BSD form. Seth, can you have your team look at this, it's about as classic as an XSS can get; it treats any input as trusted text directly on the page. Thanks, Matt
We will take a look.
Seth, any progress figuring this out, and comments on security rating?
We have pushed a patch to address this.
This bug appears to be resolved.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Summary: XSS on donate.mozilla.org → XSS on donate.mozilla.org (event/rspv_email_preview)
Summary: XSS on donate.mozilla.org (event/rspv_email_preview) → XSS on donate.mozilla.org (event/rsvp_email_preview)
You need to log in before you can comment on or make changes to this bug.