Closed
Bug 842298
Opened 12 years ago
Closed 12 years ago
While surfing https://bugzilla.mozilla.org I have found a critical flaw in that website, and that is XSS.
Categories
(Bugzilla :: Creating/Changing Bugs, defect)
VERIFIED DUPLICATE of bug 842038
People
(Reporter: thesiddharthsolanki, Unassigned)
Details
(Keywords: reporter-external)
Attachments
(1 file)
68.51 KB, image/jpeg
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
Build ID: 20130201065344
Steps to reproduce:
While surfing https://bugzilla.mozilla.org I have found a critical flaw in that website, and that is XSS.
Actual results:
While surfing https://bugzilla.mozilla.org I have found a critical flaw in that website, and that is XSS. You can see here how the bug looks: https://bugzilla.mozilla.org/show_bug.cgi?id=316232%22%3E%3Cscript%3Ealert%28%27XSS%20found%20by%20siddharth%27%29%3C%2Fscript%3E&format=123
I hope this kind of information will help you to make Mozilla more safe :)
Expected results:
It should not pop up a message box.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Updated•12 years ago
Assignee: nobody → create-and-change
Component: General → Creating/Changing Bugs
Product: bugzilla.mozilla.org → Bugzilla
QA Contact: default-qa
Version: Development/Staging → 2.10
Comment 2•12 years ago
sid: can you tell us exactly how you found this bug? This bug has now been reported three times within 3 days, so it seems to me to be unlikely that all 3 reporters found it independently. Were you tipped off by someone else? Did you use some sort of scanner?
Gerv
(In reply to Gervase Markham [:gerv] from comment #2)
> sid: can you tell us exactly how you found this bug? This bug has now been
> reported three times within 3 days, so it seems to me to be unlikely that
> all 3 reporters found it independently. Were you tipped off by someone else?
> Did you use some sort of scanner?
>
> Gerv
I have found this bug manually :'( :( and how can it be a duplicate?
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
this bug has already been reported.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → DUPLICATE
(In reply to Byron Jones ‹:glob› from comment #4)
> this bug has already been reported.
>
> *** This bug has been marked as a duplicate of bug 842038 ***
Okay, anyways I will find a new bug :((
Resolution: DUPLICATE → INVALID
please don't change the status of this bug, it is a duplicate.
Resolution: INVALID → DUPLICATE
Comment 7•12 years ago
Please stop playing with the bug status. As glob said, it's a duplicate. Period.
Status: RESOLVED → VERIFIED
Updated•12 years ago
Flags: sec-bounty?
Comment 10•12 years ago
Bug 842038 has been fixed and is now public. Removing the sec flag.
Group: bugzilla-security
Updated•12 years ago
Flags: sec-bounty? → sec-bounty-
Updated•8 months ago
Keywords: reporter-external