Closed
Bug 1208785
Opened 9 years ago
Closed 9 years ago
Possible security issue with restore last session
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 345345
People
(Reporter: cutukmirza, Unassigned)
Details
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Build ID: 20150826023504
Steps to reproduce:
1. Opened Firefox
2. Opened Facebook
3. Clicked log out button
4. Closed Firefox
5. Opened Firefox
6. Clicked restore last session
7. Facebook opened, logged in (remember password was off, keep me logged in too)
Actual results:
I was logged in to my account without entering a password. This could be a possible problem in a library or a public place, anyone could get a hold of your account easily.
Expected results:
Log in page should have opened, and I shouldn't already be logged in.
Reporter | ||
Comment 1•9 years ago
|
||
Update
This only works if the person doesn't log out, in that case, the account will be logged in when you restore the session, but not if you go to facebook.com manually.
Updated•9 years ago
|
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•