Closed Bug 804146 Opened 12 years ago Closed 12 years ago

XSS via PHP

Categories

(Core :: General, defect)

defect
Not set
normal


RESOLVED INVALID

People

(Reporter: curtisk, Unassigned)

Details

Hello. I found that Firefox has a risk of potential XSS. If a tag like the one below is in an HTML file,

    <script src="http://packetmonster.com@bogus.jp/x"></script>

Firefox reads http://bogus.jp/x directly (no alert). It can be used to force reading of external JavaScript code.

----------------------------------

This PHP script has a risk of potential XSS.

    <?php
    $base = "http://packetmonster.com";
    echo '<script src="' . htmlspecialchars($base . $_GET["file"]) . '"></script>';
    ?>

------------------------------

Usually, access by a URL such as this is assumed:

http://packetmonster.com/scriptsrcxss.php?file=/base.js

This URL makes it possible to execute external JavaScript:

http://packetmonster.com/scriptsrcxss.php?file=@bogus.jp/x

Regards.

- Yuji Tounai
bogus@bogus.jp
http://twitmatome.bogus.jp/
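The following JavaScript is an added example, not code from the bug report, from Mozilla, or from the reporter's site. It reproduces the mechanism the report describes: the reporter's PHP only HTML-escapes the concatenated string, but the payload `@bogus.jp/x` contains no HTML metacharacters, so escaping changes nothing, and the browser's URL parser treats `packetmonster.com` as userinfo and `bogus.jp` as the host. The resolution check uses the WHATWG URL API as implemented in Node.js and modern browsers; the hardened builder `safeScriptSrc`, its path allowlist and the origin check are assumptions chosen for illustration, not anything the page prescribes.

```javascript
// Added example: why htmlspecialchars() does not stop the reported trick,
// and one way to build a script src that cannot change the host.
// Assumes the WHATWG URL API (global `URL`, Node.js >= 10 or any modern browser).

const BASE = "http://packetmonster.com"; // base from the bug report

// Mirrors the reporter's PHP: plain string concatenation of base + user input.
// HTML-escaping the result is irrelevant to the bug, so it is omitted here.
function vulnerableScriptSrc(file) {
  return BASE + file;
}

// Host the browser will actually contact for a given src string.
// For "http://packetmonster.com@bogus.jp/x" the part before "@" is userinfo,
// so the host is "bogus.jp".
function resolvedHost(src) {
  return new URL(src).hostname;
}

// Hardened builder (assumed design, not from the page):
//  1. accept only an absolute path made of a conservative character set,
//  2. reject "//" (protocol-relative URL) and ".." (traversal), and
//  3. parse the result and verify the origin still matches BASE and that
//     no userinfo crept in. Returns null on rejection.
function safeScriptSrc(file) {
  if (typeof file !== "string") return null;
  if (!/^\/[A-Za-z0-9._\/-]*$/.test(file)) return null; // no "@", "?", "#", ":", "\\"
  if (file.includes("//") || file.includes("..")) return null; // conservative
  const url = new URL(file, BASE);
  if (url.origin !== new URL(BASE).origin) return null;
  if (url.username !== "" || url.password !== "") return null;
  return url.href;
}

// Attribute escaping is still required for the HTML context; it is simply
// not the control that addresses the host-substitution problem.
function escapeAttr(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Full replacement for the reporter's echo: validate the URL, then escape.
function renderScriptTag(file) {
  const src = safeScriptSrc(file);
  if (src === null) throw new Error("rejected script path: " + file);
  return '<script src="' + escapeAttr(src) + '"></script>';
}

// Demonstration with the two URLs from the report (constructed inputs).
for (const file of ["/base.js", "@bogus.jp/x", "//bogus.jp/x"]) {
  const naive = vulnerableScriptSrc(file);
  let host;
  try { host = resolvedHost(naive); } catch (e) { host = "(unparseable)"; }
  console.log(`file=${JSON.stringify(file)} naive src=${naive} -> host ${host}; safe=${safeScriptSrc(file)}`);
}
```

The check that matters is the last one in `safeScriptSrc`: after building the URL, parse it and compare the origin to the origin you intended, rather than reasoning about the string before parsing. That catches the userinfo trick, protocol-relative URLs, and any future parser quirk the allowlist alone did not anticipate.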
There is nothing unknown here nor a security risk. Websites can load scripts from other domains as part of the design of the web.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID