This thread was archived. Please ask a new question if you need help.
How I can contact mozila website security team?
My name is KOUTROUSS and I'm a security researcher . I'm just wanna inform you that I have discovered a issue (XSS vulnerability) in mozila website "http://mozila.org". and this issue guys can use it to hack accounts of the users of your website "http://mozila.org", and phishing the users to other links to stole accounts by the name of your website,cookie.....
So guys Can you told me the eamil of mozila website security team?
All Replies (4)
Assuming you have made a typo and you meant mozilla.org, cor-el is correct with the following link:
Quoting from the link above:
If you believe that you've found a Mozilla-related security vulnerability, please report it by sending email to the address email@example.com. Note that your report may be eligible for a reward; see below. For more information on how to report security vulnerabilities and how the Mozilla community will respond to such reports, see our policy for handling security bugs.
This about a issue with mozilla.org page and not say Firefox though.
Would not a security bug filed for www.mozilla.org be a away to bring attention and track this. https://bugzilla.mozilla.org/enter_bug.cgi#h=otherProducts|
firstname.lastname@example.org is all mozilla security issues, and not just firefox.
Emailing email@example.com ensures that someone on the security team sees the issue and assign it to the right team. When people report security issues via bug directly and do not report it to the right product/component, such as the one suggested above, it may not be addressed in a timely manner.
Thanks for understanding,
Michael Henry (:tinfoil) aka neoCrimeLabs
Mozilla OpSec Analyst
Modified by Michael Henry (:tinfoil)