[Webkit-unassigned] [Bug 32252] New: Universal XSS in Rekonq inherited from QtDemoBrowser?
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Dec 7 15:15:28 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=32252
Summary: Universal XSS in Rekonq inherited from QtDemoBrowser?
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
URL: https://bugs.kde.org/show_bug.cgi?id=217464
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebKit Qt
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: webkit at machine.org.uk
Please see https://bugs.kde.org/show_bug.cgi?id=217464, specifically the
description and comment #2. Essentially, Rekonq and QtDemoBrowser quote
unresolvable/unaccesible URLs verbatim in their error message. For sites that
set wildcard domain'd cookies (for example Twitter) these can be stolen by
requesting a web page such as
http://thisdomainwillnotresolveandrekonqerrorpagewillbeshownwithfullurlembedded.twitter.com/"><script>alert(document.cookies)</script>.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list