Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How I can contact mozila website security team?

more options

Hello everyone,

My name is KOUTROUSS and I'm a security researcher . I'm just wanna inform you that I have discovered a issue (XSS vulnerability) in mozila website "http://mozila.org". and this issue guys can use it to hack accounts of the users of your website "http://mozila.org", and phishing the users to other links to stole accounts by the name of your website,cookie.....

So guys Can you told me the eamil of mozila website security team?

All Replies (4)

more options

See For Developers: Contacting Mozilla

more options

"mozila.org" is not currently controlled by mozilla.org, but appears to be someone domain squatting.

Assuming you have made a typo and you meant mozilla.org, cor-el is correct with the following link:

Quoting from the link above:

If you believe that you've found a Mozilla-related security vulnerability, please report it by sending email to the address security@mozilla.org. Note that your report may be eligible for a reward; see below. For more information on how to report security vulnerabilities and how the Mozilla community will respond to such reports, see our policy for handling security bugs.

more options

This about a issue with mozilla.org page and not say Firefox though.

Would not a security bug filed for www.mozilla.org be a away to bring attention and track this. https://bugzilla.mozilla.org/enter_bug.cgi#h=otherProducts|

more options

security@mozilla.org is all mozilla security issues, and not just firefox.

Emailing security@mozilla.org ensures that someone on the security team sees the issue and assign it to the right team. When people report security issues via bug directly and do not report it to the right product/component, such as the one suggested above, it may not be addressed in a timely manner.

Thanks for understanding,

Michael Henry (:tinfoil) aka neoCrimeLabs

Mozilla OpSec Analyst

Modified by Michael Henry (:tinfoil)