白帽子安全

白帽子文章
计算机安全
安全漏洞
网络攻击

© 白帽子安全 | Powered by LOFTER

Two of Mozilla’s Cross Reference sub-domains suffer from a cross-site scripting (XSS) vulnerability, according to Wang Jing, a mathematics student from School of Physical and Mathematical Science, Nanyang Technological University, Singapore.

Mozilla are dealing with the vulnerabilities.

Wang said “This means all URLs under the above two domains can be used for XSS attacks targeting Mozilla’s users,”




Details:

http://www.hotforsecurity.com/blog/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains-10607.html

http://seclists.org/fulldisclosure/2014/Oct/92

http://www.tetraph.com/blog/xss-vulnerability/mozilla-mozilla-org-two-sub-domains-cross-reference-xss-vulnerability-all-urls-under-the-two-domains/



评论
热度 ( 4 )
  1. 白帽子安全白帽子安全 转载了此文字  到 湛天雲海碧波影
  2. 點滴的記錄白帽子安全 转载了此文字
  3. 白帽子安全白帽子安全 转载了此文字  到 文豆 & 文库
  4. 點滴的記錄白帽子安全 转载了此文字  到 数学日记