BugBounty - Found directory listing

RESOLVED INVALID

Status

RESOLVED INVALID
6 years ago
5 years ago

People

(Reporter: mriazebrahim, Unassigned)

Tracking

Bug Flags:
sec-bounty -

Details

(Whiteboard: [site:people.mozilla.org][reporter-external])

(Reporter)

Description

6 years ago
Found directory listing vulnerability on your domain. Please fix this issue

http://people.mozilla.org/~sfink/v8/deltablue/
people.mozilla.org or .com is, as the domain indicates, a server used by people at mozilla for testing and other possibly unsafe content.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 6 years ago
Keywords: wsec-disclosure
Resolution: --- → INVALID

Comment 3

6 years ago
Is directory listing on people opt-in or opt-out?
You have to create the public_html directory on your own, but the apache settings default to creating a directory listing.
Component: Security Assurance: Applications → Other
Product: mozilla.org → Websites
Flags: sec-bounty-
Keywords: wsec-disclosure
OS: Windows 7 → All
Hardware: x86_64 → All
Whiteboard: [site:people.mozilla.org][reporter-external]
You need to log in before you can comment on or make changes to this bug.