Closed Bug 976945 Opened 11 years ago Closed 10 years ago

Everygain Translator - Unsanitized raw remote data assigned to innerHTML

Categories

(addons.mozilla.org :: Security, defect)

defect
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: diegocr, Assigned: kmag)

Details

Check the pointed URL. There and around that file you can find several jQuery.ajax() calls whose response is used - apparently without any sanitization - to construct DOM trees which are being injected into the websites by using jQuery's .html() method.
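The pattern the report describes, as an added illustration that is not the add-on's own code: a constructed API response flows verbatim into the markup that jQuery's .html() would parse, next to a version that escapes the remote text first. It runs under Node without a DOM, so both functions return the string that .html() or innerHTML would receive; the response shape and function names are assumptions.

```javascript
// Added example, not code from the Everygain Translator add-on.
// Constructed sample of a translation service response. The remote service
// is outside the add-on's control, so any field may carry markup.
const SAMPLE_RESPONSE = {
  source: "hello",
  translation: "hola<script>steal()</script>",
};

// Vulnerable pattern from the report: the response body is concatenated
// into markup and handed to .html(), which parses and executes it.
function buildMarkupUnsafe(response) {
  return '<div class="translation">' + response.translation + "</div>";
}

// Escape the characters that can change HTML or attribute context, so the
// remote text is rendered as text rather than parsed as markup.
function escapeHtml(str) {
  return String(str)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Hardened equivalent: untrusted fields are escaped before insertion.
// In a real page the simpler fix is to create the element and set its
// content with jQuery's .text() or the DOM's textContent, which never parse.
function buildMarkupSafe(response) {
  return (
    '<div class="translation">' + escapeHtml(response.translation) + "</div>"
  );
}

// Detection helper: true if the markup still contains a raw script tag
// originating from the remote data.
function containsRawScriptTag(markup) {
  return /<script\b/i.test(markup);
}
```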
Yes, it looks like that review needs to be reverted. Over to Kris for verification and action.
Assignee: nobody → kmaglione+bmo
This has been an issue in every approved version to-date. If we're going to disable any of them, we're going to need to disable all of them.
In that case I think it's best to tell them about it and give them a hard deadline before disabling.
Developer has been notified that he has a week to comply.
All public versions have now been disabled.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED