Closed Bug 949446 Opened 11 years ago Closed 11 years ago

Source Code Disclosure of every possible project

Categories

(Websites :: other.mozilla.org, defect)

Product:
Websites
Component:
other.mozilla.org
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: shpendk13, Unassigned)

Details

(Keywords: reporter-external)

User Agent: Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36 Steps to reproduce: Bascilly, by going to http://viewvc.svn.mozilla.org/vc/projects/ you can view the source code of every website and project of mozilla. Not sure if this is supposed to be like this , or this is a major information disclosure vulnerability? Actual results: Went to http://viewvc.svn.mozilla.org/vc/projects/ and i can see all source code of all projects. No access controls at all. Expected results: Don't know, maybe ask for email&password combination
Mozilla is open sournce, we share everything.
Group: websites-security
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → WONTFIX
Alright then, i thought so but reported just in case :).
Component: blog.mozilla.org → other.mozilla.org
More of it is at https://github.com/mozilla/ if your curious.
More, including Firefox source code, on https://hg.mozilla.org/ And even some still on http://bonsai.mozilla.org/cvsqueryform.cgi !
Oh boy! Now I have access to everything!
That's fun, right?
in order to prevent further off-topic/advocacy comments, i'm restricting comments on this bug.
Restrict Comments: true
You need to log in before you can comment on or make changes to this bug.