If you discover an issue which may be exploited to weaken any of the security guarantees NoScript users rely upon (e.g. a XSS or ABE bypass, or a way to execute active content on a forbidden page) please report it privately through this channel.
A fix will be released within 24 hours in the beta channel, and if validated will be pushed to the stable channel. Please keep your finding embargoed at least one week, until the vast majority of NoScript users are reached by the automatic update.
Thank you!
Reporting Security-sensitive NoScript bugs.
- Giorgio Maone
- Site Admin
- Posts: 9476
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Reporting Security-sensitive NoScript bugs.
Mozilla/5.0 (Windows NT 6.3; WOW64; rv:33.0) Gecko/20100101 Firefox/33.0
Re: Reporting Security-sensitive NoScript bugs.
Locking because this isn't intended for discussion and the spammers have discovered this.
*Always* check the changelogs BEFORE updating that important software!
-