This is old stuff, which i should have posted before, discovered in Mozilla websites several weeks ago:
- bugzilla.mozilla.org: CSRF (saved searches).
- creative.mozilla.org: CSRF (user profile).
- developer.mozilla.org: Plain text password disclosure.
I will provide some details about them.
1. CSRF (saved searches) in bugzilla.mozilla.org
Description: Saved searches for bugzilla user's panel are not protected against CSRF attacks and it could be used to add bullshit.
This vulnerability affects to Bugzilla (bug tracking system of mozilla foundation) <= 3.2.9, 3.4.9, 3.6.3, and 4.0rc1Screenshot:
2. CSRF (user profile) in creative.mozilla.org
Description: User profile could be changed using a CSRF attack.
3. Plain text password disclosure in developer.mozilla.org
PoC: Register to developer.mozilla.org and then, come back to check your mail. This site sent your password in plain text.
Description: MDC sent your password in plain text.
And yep, my MDC password contains an "e".
On the other hand, Mozilla security team solves these issues quickly.
That's all. Be safe ;)