白帽子安全文章: Tw-文豆 & 文库

Two of Mozilla’s Cross Reference sub-domains suffer from a cross-site scripting (XSS) vulnerability, according to Wang Jing, a mathematics student from School of Physical and Mathematical Science, Nanyang Technological University, Singapore.

Mozilla are dealing with the vulnerabilities.

Wang said “This means all URLs under the above two domains can be used for XSS attacks targeting Mozilla’s users,”

Details:

https://www.hotforsecurity.com/blog/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains-10607.html

https://seclists.org/fulldisclosure/2014/Oct/92

https://www.tetraph.com/blog/xss-vulnerability/mozilla-mozilla-org-two-sub-domains-cross-reference-xss-vulnerability-all-urls-under-the-two-domains/

热度(4) 转载自：白帽子

文豆 & 文库

评论

热度(4)