XSS alert from Yahoo?

nagan
Senior Member
Posts: 340
Joined: Thu Mar 26, 2009 11:05 am

XSS alert from Yahoo?

Post by nagan »

This is the site http://in.news.yahoo.com/43/20100311/90 ... n-top.html

Code:

[NoScript XSS] Sanitized suspicious request. Original URL [http://cm.in.overture.com/js_1_0/?config=2934362720&ctxtId=pa_001_in%2Cpa_012_in%2Cpa_013_in%2Cpa_014_in%2Cpa_015_in%2Cpa_016_in%2Cpa_017_in%2Cpa_018_in%2Cpa_019_in&ctxtKeywords=yahoo%2Bmail%2Cgmail%2Cwww.gmail.com%2Cgmail.com%2Cwww.rediffmail.com%2Cnew%2Bhindi%2Bsongs%2Cfree%2Chotmail.com%2Cwww.hotmail.com%2Cmail%2Cfree%2Bwallpapers%2Csongs%2Cyahoo%2Bmessenger%2Cgoogle%2Bmail%2Cyahoo%2Bmail%2Blogin%2Clatest%2Bmovies%2Cmusic%2Bdownloads%2Cmail%2Chotmail%2Casp%2Bhosting%2Casp%2Bnet%2Bweb%2Bhosting%2Casp%2Bweb%2Bhosting%2Cavailable%2Bdomain%2Cavailable%2Bdomain%2Bnames%2Cbest%2Bdomain%2Bname%2Bregistration&keywordCharEnc=utf8&mkt=in&source=yahoo_movies_in_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fin.movies.yahoo.com%2F&ctxtCat=default_movies&tg=1&bc=dedede&uc=0084dc&refUrl=http%3A%2F%2Fin.yahoo.com%2F%3Fp%3Dus%26r0%3D1268314951&du=1&cb=1268315169493&ctxtContent=%3Chead%3E%3C%2Fhead%3E%3Cbody%3E%3Cscript%20language%3D%22JavaScript%22%3E%0Actxt_ad_width%20%3D%20728%3B%0Actxt_ad_height%20%3D%2090%3B%0Actxt_ad_market%20%3D%20%27in%27%3B%0Actxt_ad_url%20%3D%20%27http%3A%2F%2Fin.movies.yahoo.com%2F%27%3B%0Actxt_ad_interface%20%3D%20%27http%3A%2F%2Fcm.in.overture.com%2Fjs_1_0%2F%27%3B%0Actxt_ad_config%20%3D%20%272934362720%27%3B%0Actxt_ad_source%20%3D%20%27yahoo_movies_in_ctxt%27%3B%0Actxt_ad_url_cat%20%3D%20%27default_movies%27%3B%0Actxt_ad_id%3D%5B%27pa_001_in%27%2C%27pa_012_in%27%2C%27pa_013_in%27%2C%27pa_014_in%27%2C%27pa_015_in%27%2C%27pa_016_in%27%2C%27pa_017_in%27%2C%27pa_018_in%27%2C%27pa_019_in%27%5D%3B%0A%2F%2Fctxt_ad_id_rotate%3D%5B%27pa_007_in%27%2C%27pa_016_in%27%5D%3B%0Actxt_a] requested from [http://in.movies.yahoo.com/ysmload.html]. 
Sanitized URL: [http://cm.in.overture.com/js_1_0/?config=2934362720&ctxtId=pa_001_in%2Cpa_012_in%2Cpa_013_in%2Cpa_014_in%2Cpa_015_in%2Cpa_016_in%2Cpa_017_in%2Cpa_018_in%2Cpa_019_in&ctxtKeywords=yahoo%2Bmail%2Cgmail%2Cwww.gmail.com%2Cgmail.com%2Cwww.rediffmail.com%2Cnew%2Bhindi%2Bsongs%2Cfree%2Chotmail.com%2Cwww.hotmail.com%2Cmail%2Cfree%2Bwallpapers%2Csongs%2Cyahoo%2Bmessenger%2Cgoogle%2Bmail%2Cyahoo%2Bmail%2Blogin%2Clatest%2Bmovies%2Cmusic%2Bdownloads%2Cmail%2Chotmail%2Casp%2Bhosting%2Casp%2Bnet%2Bweb%2Bhosting%2Casp%2Bweb%2Bhosting%2Cavailable%2Bdomain%2Cavailable%2Bdomain%2BNAMEs%2Cbest%2Bdomain%2BNAME%2Bregistration&keywordCharEnc=utf8&mkt=in&source=yahoo_movies_in_ctxt&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fin.movies.yahoo.com%2F&ctxtCat=default_movies&tg=1&bc=dedede&uc=0084dc&refUrl=http%3A%2F%2Fin.yahoo.com%2F%3Fp%3Dus%26r0%3D1268314951&du=1&cb=1268315169493&ctxtContent=%20head%3E%20%2Fhead%3E%20body%3E%20script%20language%20%20JavaScript%20%3E%20ctxt_ad_width%20%20%20728%3B%20ctxt_ad_height%20%20%2090%3B%20ctxt_ad_market%20%20%20%20in%20%3B%20ctxt_ad_url%20%20%20%20http%3A%2F%2Fin.movies.yahoo.com%2F%20%3B%20ctxt_ad_interface%20%20%20%20http%3A%2F%2Fcm.in.overture.com%2Fjs_1_0%2F%20%3B%20ctxt_ad_config%20%20%20%202934362720%20%3B%20ctxt_ad_source%20%20%20%20yahoo_movies_in_ctxt%20%3B%20ctxt_ad_url_cat%20%20%20%20default_movies%20%3B%20ctxt_ad_id%20%20%20pa_001_in%20%2C%20pa_012_in%20%2C%20pa_013_in%20%2C%20pa_014_in%20%2C%20pa_015_in%20%2C%20pa_016_in%20%2C%20pa_017_in%20%2C%20pa_018_in%20%2C%20pa_019_in%20%20%3B%20%2F%2Fctxt_ad_id_rotate%20%20%20pa_007_in%20%2C%20pa_016_in%20%20%3B%20ctxt_a#5975731712990012429].
Dreams are REAL possibilities. Pursue them with zest and you can make them HAPPEN!
You are GOD.Realize THAT!
Giorgio Maone
Site Admin
Posts: 9524
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy

Re: XSS alert from Yahoo?

Post by Giorgio Maone »

Why did you whitelist overture.com, or at least why didn't you adblock it?
Anyway, the XSS filter triggers because that URL does contain a huge syntactically valid JavaScript fragment, i.e.

Code:

ctxt_ad_width = 728;
ctxt_ad_height = 90;
ctxt_ad_market = 'in';
ctxt_ad_url = 'http://in.movies.yahoo.com/';
ctxt_ad_interface = 'http://cm.in.overture.com/js_1_0/';
ctxt_ad_config = '2934362720';
ctxt_ad_source = 'yahoo_movies_in_ctxt';
ctxt_ad_url_cat = 'default_movies';
ctxt_ad_id=['pa_001_in','pa_012_in','pa_013_in','pa_014_in','pa_015_in','pa_016_in','pa_017_in','pa_018_in','pa_019_in'];
//ctxt_ad_id_rotate=['pa_007_in','pa_016_in'];
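An added illustration (not NoScript's code, and not from either poster) of what the alert above is doing: it decodes the query string of an abridged copy of the reported URL, flags the parameter whose value is markup and script rather than data, and mimics the neutralization the "Sanitized URL" line shows. The replaced-character set and the detection heuristic are my assumptions drawn from the log, not NoScript's actual filter logic.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, quote

# Constructed sample: an abridged copy of the original URL quoted in the alert
ORIGINAL_URL = (
    "http://cm.in.overture.com/js_1_0/?config=2934362720&adwd=728"
    "&ctxtContent=%3Chead%3E%3C%2Fhead%3E%3Cbody%3E%3Cscript%20language%3D"
    "%22JavaScript%22%3E%0Actxt_ad_width%20%3D%20728%3B%0Actxt_ad_market%20"
    "%3D%20%27in%27%3B%0Actxt_ad_id%3D%5B%27pa_001_in%27%2C%27pa_012_in%27%5D%3B"
)

# Characters the "Sanitized URL" in the alert shows replaced by a space:
# '<', both quote kinds, '=', square brackets and newlines.
# (Assumption inferred from the log, not taken from NoScript's source.)
NEUTRALIZED = re.compile(r"[<\"'=\[\]\n]")

# Heuristic markers of HTML tags or JavaScript assignments inside a query value
SUSPICIOUS = re.compile(r"<\s*/?\s*(script|body|head)\b|\b\w+\s*=\s*\S", re.I)


def decoded_params(url):
    """Return the (name, percent-decoded value) pairs of the URL's query string."""
    return parse_qsl(urlsplit(url).query, keep_blank_values=True)


def suspicious_params(url):
    """Names of query parameters whose decoded value looks like markup or script."""
    return [name for name, value in decoded_params(url) if SUSPICIOUS.search(value)]


def sanitize_url(url):
    """Rebuild the URL with the neutralized characters replaced by spaces in each value."""
    parts = urlsplit(url)
    cleaned = [(n, NEUTRALIZED.sub(" ", v)) for n, v in decoded_params(url)]
    query = "&".join(f"{quote(n, safe='')}={quote(v, safe='')}" for n, v in cleaned)
    return urlunsplit((parts.scheme, parts.netloc, parts.path, query, parts.fragment))


if __name__ == "__main__":
    for name, value in decoded_params(ORIGINAL_URL):
        print(f"{name}: {'SUSPICIOUS' if SUSPICIOUS.search(value) else 'ok'}")
    print(sanitize_url(ORIGINAL_URL))
```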