Again, how is that any different from you saving the contents of that <script> call to foo.html and opening that in Firefox? It's not even a self-XSS where you're impacting some other domain, as the null principal is loaded (as per https://bugzilla.mozilla.org/show_bug.cgi?id=656433), so it doesn't have permissions on the currently-loaded page. ~reed On Mon, Jan 11, 2016 at 1:39 AM, Song-Dl Team <iedb.team@xxxxxxxxx> wrote: > The vulnerability, our xss code for local runs in Mozilla web browser. > The vulnerability is local and based on the: data: text / html is on version > 44.0 beta and the old version, the answer will be. > Run xss code in btowser and to giv a coockie graber as atacker and run > > در تاریخ ۱۱ ژانویهٔ ۲۰۱۶ ۱۳:۰۶، "Reed Loden" <reed@xxxxxxxxxxxxx> نوشت: > >> Isn't this just you running that HTML locally (using data: to create a >> page, rather than just loading a local .html file)? >> >> How is this a security issue? What are you able to "exploit" by doing >> this? >> >> ~reed >> >> On Sun, Jan 10, 2016 at 11:08 PM, <iedb.team@xxxxxxxxx> wrote: >>> >>> Mozilla Firefox 44.0b2 7 and Old Version Local Cross-site Scripting >>> Vulnerability >>> >>> >>> >>> ################################# >>> >>> # >>> # @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ >>> @@@@@@@ >>> # @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ >>> @@@@@@@@ >>> # @@@ @@@ @@@ @@ @@@ @@ @@@ >>> @@@ @@@ >>> # @@@ @@@ @@@ @@ @@@ @@ @@@ >>> @@@ @@@ >>> # @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@@ >>> @@@@@@ >>> # @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ >>> @@@@@@ >>> # @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ >>> @@@ @@@ >>> # @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ >>> @@@ @@@ >>> # @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@ >>> @@@ @@@ >>> # >>> >>> ##################################### >>> >>> Iranian Exploit DataBase >>> TiTle : Mozilla Firefox 44.0b2 Local Cross-site Scripting Vulnerability >>> Affected Product : Mozilla Firefox 44.0b2 7 and Old Version >>> Risk : High >>> Tested on : Android,Windows7,Xp >>> Vendor site : http://mozilla.org >>> Author : Amir >>> Email : Iedb.team@xxxxxxxxx >>> Home : http://iedb.ir - http://xssed.ir >>> Archive Exploit : http://iedb.ir/exploits.php?id=4505 >>> ##################################### >>> Description : >>> >>> The vulnerability, our xss code for local runs in Mozilla web browser. >>> The vulnerability is local and based on the: data: text / html is on >>> version 44.0 beta and the old version, the answer will be. >>> >>> Users can xss code with Base64 algorithm Encode it to the browser, and >>> the variable data: text / html; base64, added. >>> >>> Example : >>> Xss Code : '"><script>alert('IeDb.Ir And Xssed.Ir')</script> >>> We're Encode This code : >>> >>> JyI+PHNjcmlwdD5hbGVydCgnaHR0cDovL2llZGIuaXIgJiBodHRwOi8veHNzZWQuaXIgKiBBbWlyIConKTwvc2NyaXB0Pg== >>> And to this we add the code Xss and then we run in the browser: >>> data:text/html;base64,[Xss Encoded] >>> >>> Demo : >>> >>> data:text/html;base64,JyI+PHNjcmlwdD5hbGVydCgnaHR0cDovL2llZGIuaXIgJiBodHRwOi8veHNzZWQuaXIgKiBBbWlyIConKTwvc2NyaXB0Pg== >>> >>> Run To Mozilla >>> >>> Photo: >>> >>> http://iedb.ir/Bug/Mozilla.jpg >>> >>> ##################################### >>> Thanks to all the friends and Iranian hackers, and thank all the members >>> http://Iedb.Ir And IrIsT.Ir Team >>> Home : http://iedb.ir - http://xssed.ir - http://iedb.ir/acc >>> http://iedb.ir : This site, for recording bugs and vulnerabilities and >>> exploits will be in it.(Iranian Exploit DataBase) >>> http://Xssed.Ir : On this site, all bugs Xss and Sql which sites are >>> placed.Be sure to check the site and sites vulnerable to it. >>> ##################################### >>> Archive Exploit : http://iedb.ir/exploits.php?id=4505 >>> ##################################### >> >> >
