InformAction Forums

Posted: **Sun May 31, 2009 10:45 pm**

Hi users of NoScript,

Re: http://forum.avast.com/index.php?topic= ... #msg383401

This vulnerability was found up:

 http://www.avast.nl/web/index.php?pageId=33&mode="><script>alert(String.fromCharCode(88,83,83))</script>

by MethodMan
Firekeeper alerts like mad when I try to give in this request in google:

Code: Select all

<script>alert(String.fromCharCode(88,83,83))</script>

XXS & Iframe injection flaw.
This should be covered by NoScript, is that so?

luntrus

Posted: **Sun May 31, 2009 11:16 pm**

Yes, that's a basic XSS PoC.
It's innocuous if you've got JavaScript disabled on that page, but if you've got it enabled it's immediately detected and neutralized by NoScript's XSS protection.

Posted: **Mon Jun 01, 2009 10:00 pm**

Confirmed, it gets caught just fine should scripting be allowed. Also keep in mind as Giorgio has said in the past, and forgive me if I am misquoting, can't find the exact post or PM, but NoScript also evaluates the threat of an XSS and intercepts it when malicious. I had sent some test cases that were not malicious and wondering why they weren't' caught and Giorgio was kind enough to enlighten me that NS only gets involved when its malicious, otherwise no point since its doing no harm.

InformAction Forums

Does NoScript protect us here?

Does NoScript protect us here?

Re: Does NoScript protect us here?

Re: Does NoScript protect us here?