[tor-bugs] #14037 [Website]: Attention!!! XSS In http://db.torproject.org/...
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 28 14:49:16 UTC 2014
#14037: Attention!!! XSS In http://db.torproject.org/...
-----------------------------------+-----------------------------------
Reporter: mahitman | Owner: Muhammad Abdullah
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Website | Version:
Keywords: XSS,website,subdomain | Actual Points:
Parent ID: | Points:
-----------------------------------+-----------------------------------
hi
I have found XSS(Cross Site Scripting) bug in one of your subdomain...
The bug exists in the following link..
https://db.torproject.org/search.cgi?authtoken=1%22%3E%3Ciframe%20src=%27%27%20onload=prompt%28document.domain%29%3E&id=
kindly fix, to ensure the security of your domain...
Hopping to get a bounty..
Regards
Muhammad Abdullah
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14037>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list