Computer Security
[EN] securityvulns.ru no-pyccku


Firefox password manager form information leak
Published:23.11.2006
Source:
SecurityVulns ID:6855
Type:client
Threat Level:
4/10
Description:Password manager doesn't check form destination. It makes it possible for attacker to retrieve saved paramters, including saved login/password if he can insert form into content of the site.
Affected:MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
Files:Cross-Site Forms + Password Manager = Security Failure

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod