"Cross site scripting XSS" visited 100th of times

[MoFF]

Hello,
First off I'm literately very, very happy that NoScript exists, as I feel practically naked when on a comp without it!
But... I'm playing League of Legends, and have been visiting a guide site called "mobafire.com" 100th of times, and there has never been anything.

Now I get "Noscript filtered a potential cross-site script XSS attempt from mobafire.com"

I've uploaded 2 screenshots, one of the NoScript console and one of mobafire.com showing the actual message.

http://imageshack.dk/viewimage.php?file ... 741538.png
NoScript console

http://imageshack.dk/viewimage.php?file ... 741672.png
Screen of site in question.

Thank you in advance!

[barbaz]

Does the site still work properly despite the XSS warning?
If not, could you please post the messages from the Browser Console that start with [NoScript ?

[MoFF]

There was a short period where it didn't, but now it does, still displaying the same message, though.

Is this the NoScript console?

http://imageshack.dk/viewimage.php?file ... 746970.png

Thank you for your help!

[barbaz]

You are looking in the right place but those aren't the related messages...
Look there for messages that start with

[NoScript

and post those here in code tags (or upload as another screenshot if you're tripping the spam filter)

[Guest]

Could it be this you're looking for?

http://imageshack.dk/viewimage.php?file ... 748389.png

[barbaz]

Yep that's it. Looks related to ads. Maybe could be malvertising of sorts...
Whether there's really XSS or any threat at all, I don't know, but I'd suggest you leave it alone and thank NoScript for potentially saving you.
You might also want to consider reporting this to the webmaster in case the site's been hacked.

[Guest]

Yep that's it. Looks related to ads. Maybe could be malvertising of sorts...
Whether there's really XSS or any threat at all, I don't know, but I'd suggest you leave it alone and thank NoScript for potentially saving you.
You might also want to consider reporting this to the webmaster in case the site's been hacked.

First off, I wanna apologize for not replying earlier, now that you have been this active in topic to help me out!! I really appreciate it!
But I just finished some exams, and pulled the plug on my net, not to get distracted

Think I will try to contact their support, and tell them about this - no matter what it's not gonna hurt


Now I get to a second question; I can't login now? I can see what my username is on the topic, and I'm absolutely sure what email I registered with, but it doesn't recognize my email and/or username.
Getting this message "The e-mail/username information submitted could not be found."

Think I will donate some more after this excellent and fast support!

[barbaz]

Thanks for the kind words, but (at least as of this writing) I'm not part of the official Support Team, or even a moderator, so I'm not able to help get your login working, sorry.

[Guest]

Yep that's it. Looks related to ads. Maybe could be malvertising of sorts...
Whether there's really XSS or any threat at all, I don't know, but I'd suggest you leave it alone and thank NoScript for potentially saving you.
You might also want to consider reporting this to the webmaster in case the site's been hacked.

First off, I wanna apologize for not replying earlier, now that you have been this active in topic to help me out!! I really appreciate it!
But I just finished some exams, and pulled the plug on my net, not to get distracted

Think I will try to contact their support, and tell them about this - no matter what it's not gonna hurt


Now I get to a second question; I can't login now? I can see what my username is on the topic, and I'm absolutely sure what email I registered with, but it doesn't recognize my email and/or username.
Getting this message "The e-mail/username information submitted could not be found."

Think I will donate some more after this excellent and fast support!

[Thrawn]

@Guest: The username you used earlier is not linked to an account; you posted anonymously. Notice that barbaz' name and mine are hyperlinks to our profile pages, but yours is plain text. Feel free to register it if you wish.

[MoFF]

Ahh ok hehe
Done ^^