Closed
Bug 976945
Opened 11 years ago
Closed 10 years ago
Everygain Translator - Unsanitized raw remote data assigned to innerHTML
Categories
(addons.mozilla.org :: Security, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: diegocr, Assigned: kmag)
Details
Description
Check the pointed URL. There and around that file you can find several jQuery.ajax() calls whose response is used - apparently without any sanitation - to construct DOM trees which are being injected into the websites by using jQuery's .html() method.
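The pattern the report describes, shown as an added example that is not part of the bug or of the add-on's code: the unsafe rendering beside a hardened version. It assumes a JSON response object with `source`, `translated` and `lang` fields; the real service format is not given on the page.

```javascript
// Added example (not code from the Everygain Translator add-on or from the
// bug report): the reporter describes a pattern like
//   $.ajax({ url: serviceUrl }).done(data => $("#translation").html(data));
// where the remote body becomes markup on the host page. The response shape
// below (an object with `source`, `translated` and `lang`) is an assumption.

// Escape the five characters that carry meaning in HTML text and attributes.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Unsafe rendering (the reported pattern): remote strings are concatenated
// straight into markup that .html() / innerHTML will parse, so any tag or
// attribute in the response ends up live in the host page.
function renderUnsafe(response) {
  return `<div class="translation" lang="${response.lang}">` +
         `<p>${response.source}</p><p>${response.translated}</p></div>`;
}

// Hardened rendering: read only the expected fields, escape each one, and
// constrain `lang` to a language-tag shape so it cannot break out of the
// attribute. (Better still: build nodes with createElement/textContent.)
function renderSafe(response) {
  const lang = /^[a-zA-Z]{2,8}(-[a-zA-Z0-9]{1,8})*$/.test(response.lang)
    ? response.lang : "und";
  return `<div class="translation" lang="${escapeHtml(lang)}">` +
         `<p>${escapeHtml(response.source)}</p>` +
         `<p>${escapeHtml(response.translated)}</p></div>`;
}

// Review aid: flag a response that carries markup characters at all, which
// a plain-text translation service has no legitimate reason to return.
function containsMarkup(response) {
  return ["source", "translated", "lang"].some(
    (k) => /[<>"']/.test(String(response[k] || "")));
}

// Constructed sample response from a misbehaving or tampered service.
const sampleResponse = {
  source: "hello",
  translated: '<b onclick="x()">hola</b>',
  lang: 'es" data-x="',
};
```

Passing the output of `renderSafe` to `.html()` is then safe because no remote byte can open a tag or close an attribute; `containsMarkup` is the check a reviewer would run over captured responses to see whether the service ever returns markup.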
Comment 1•11 years ago
Yes, it looks like that review needs to be reverted. Over to Kris for verification and action.
Assignee: nobody → kmaglione+bmo
Comment 2•11 years ago
This has been an issue in every approved version to-date. If we're going to disable any of them, we're going to need to disable all of them.
Comment 3•11 years ago
In that case I think it's best to tell them about it and give them a hard deadline before disabling.
Comment 4•11 years ago
Developer has been notified that he has a week to comply.
Comment 5•10 years ago
All public versions have now been disabled.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Updated•9 years ago
tracking-b2g:
backlog → ---