infrastructure
/
blender-org
4
3
Fork 1
Code Issues 6 Pull Requests Projects Releases Wiki Activity

Report: a Vulnerabilities in Blender website! #41540

New Issue
Closed
opened 2014-08-22 12:32:19 +02:00 by Koutrouss Naddara · 5 comments
Koutrouss Naddara commented 2014-08-22 12:32:19 +02:00
Copy Link

System Information
Operating system and graphics card

Blender Version
Broken: (example: 2.69.7 4b206af, see splash screen)
Worked: (optional)

Short description of error

Exact steps for others to reproduce the error
Based on a (as simple as possible) attached .blend file with minimum amount of steps

Hi,
I'm Koutrouss & I'm a security Ressearcher,
I wanna inform you that I did found a xss Vulnerability in your
website 'Blender'
So if u are aintersting about that, Just reply to me, & I will be very
happy to give you all the details you will need them

& Out of curiosity; I am just wondering when u will fix this bug, & if
there is any possiblity for me to get a reward ofr that, even if It's
a small reward
or aknowledgment of my name as a reporter a bug in your website

waiting ur reply :)

Sincerely,
Koutrouss Naddara

**System Information** Operating system and graphics card **Blender Version** Broken: (example: 2.69.7 4b206af, see splash screen) Worked: (optional) **Short description of error** **Exact steps for others to reproduce the error** Based on a (as simple as possible) attached .blend file with minimum amount of steps Hi, I'm Koutrouss & I'm a security Ressearcher, I wanna inform you that I did found a xss Vulnerability in your website 'Blender' So if u are aintersting about that, Just reply to me, & I will be very happy to give you all the details you will need them & Out of curiosity; I am just wondering when u will fix this bug, & if there is any possiblity for me to get a reward ofr that, even if It's a small reward or aknowledgment of my name as a reporter a bug in your website waiting ur reply :) Sincerely, Koutrouss Naddara
Koutrouss Naddara commented 2014-08-22 12:32:19 +02:00
Author
Copy Link

Changed status to: 'Open'

Changed status to: 'Open'
Koutrouss Naddara self-assigned this 2014-08-22 12:32:19 +02:00
Koutrouss Naddara commented 2014-08-22 12:32:19 +02:00
Author
Copy Link

Added subscriber: @koutrouss

Added subscriber: @koutrouss
Koutrouss Naddara was unassigned by Bastien Montagne 2014-08-22 12:59:11 +02:00
Bastien Montagne commented 2014-08-22 12:59:11 +02:00
Copy Link

Added subscribers: @fsiddi, @pablovazquez

Added subscribers: @fsiddi, @pablovazquez
Bastien Montagne commented 2014-08-22 13:20:48 +02:00
Copy Link

Changed status from 'Open' to: 'Archived'

Changed status from 'Open' to: 'Archived'
Bastien Montagne self-assigned this 2014-08-22 13:20:48 +02:00
Bastien Montagne commented 2014-08-22 13:20:48 +02:00
Copy Link

Please do not report security issues on the tracker, but rather take direct private contact with Blender foundation (contacts are listed on the main site).

Please do not report security issues on the tracker, but rather take direct private contact with Blender foundation (contacts are listed on the main site).
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
features_favicon
download-redesign
features
Labels
Clear labels   
legacy module
Rendering & Cycles

  
legacy module
User Interface

  
legacy project
Cycles

  
legacy project
Documentation

  
legacy project
Infrastructure: blender.org

  
legacy project
Infrastructure: Blender Web Assets

  
legacy project
Infrastructure: Websites

  
legacy project
User Interface

  
Priority
High

  
Priority
Low

  
Priority
Normal

  
Priority
Unbreak Now!

  
Status
Archived

  
Status
Confirmed

  
Status
Duplicate

  
Status
Needs Triage

  
Status
Resolved

  
Type
Bug

  
Type
Design

  
Type
Known Issue

  
Type
Report

  
Type
To Do

No Label
legacy module
Rendering & Cycles
legacy module
User Interface
legacy project
Cycles
legacy project
Documentation
legacy project
Infrastructure: blender.org
legacy project
Infrastructure: Blender Web Assets
legacy project
Infrastructure: Websites
legacy project
User Interface
Priority
High
Priority
Low
Priority
Normal
Priority
Unbreak Now!
Status
Archived
Status
Confirmed
Status
Duplicate
Status
Needs Triage
Status
Resolved
Type
Bug
Type
Design
Type
Known Issue
Type
Report
Type
To Do
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
Bastien Montagne
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: infrastructure/blender-org#41540
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?