29115 – A bug report about Cross Site Scripting - XSS.

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 29115 - A bug report about Cross Site Scripting - XSS.

Summary: A bug report about Cross Site Scripting - XSS.

Status:	ASSIGNED

Alias:	None

Product:	Bugzilla
Classification:	Unclassified
Component:	accessibility (show other bugs)
Version:	unspecified
Hardware:	PC Windows NT

Importance:	P2 normal
Target Milestone:	---
Assignee:	This bug has no owner yet - up for the taking
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-09-07 06:31 UTC by Khalid Faisal
Modified:	2016-01-24 11:00 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
This is a ScreenShot about the bug report. (3.97 KB, image/png) 2015-09-07 06:31 UTC, Khalid Faisal	Details
Its crowdflower,com tasks i downloaded to do tasks in the inbox dollars sight. i downloaded it from the chrome store. its completely safe! pls fix it! it is an attachment. (97 bytes, text/plain) 2016-01-23 10:05 UTC, jen1.6.15m	Details

Description Khalid Faisal 2015-09-07 06:31:55 UTC

Created attachment 1623 [details]
This is a ScreenShot about the bug report.

Proof of Concept: http://www.w3.org/new-doc-from-template?location=%2FWAI%2Fintro%2Faccessibility.php%22%3E&template=%2Fafs%2Fw3.org%2Fpub%2FWWW%2FTools%2FTemplates%2Foutlet.html%22%3E%3Cscript%3Eprompt%28document.domain%29%3C/script%3E

Comment 1 jen1.6.15m 2016-01-23 10:05:12 UTC

Created attachment 1634 [details]
Its crowdflower,com tasks i downloaded to do tasks in the inbox dollars sight. i downloaded it from the chrome store. its completely safe! pls fix it! it is an attachment.

Please fix this! i need to use it!