InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

XSS problem at yahoo

https://forums.informaction.com/viewtopic.php?t=21122

Page 1 of 1

XSS problem at yahoo

Posted: Wed Aug 05, 2015 12:07 am
by glentek
Firefox 39.0
NoScript 2.6.9.34

Today I noticed some new and unusual behavior at yahoo. I have yahoo.com whitelisted. At https://www.yahoo.com/, they show a news carousel that displays an assortment of articles that can be viewed. When I select one, I get a "Yahoo! - 403 Forbidden" error with a "NoScript filtered a potential cross-site scripting (XSS) attempt from [https://www.yahoo.com]" notification. The articles can be selected from other parts of the web site, and they display with no problem that way. It is just when the articles are selected from the news carousel from the home page that I get the error.

At the time of this post, an article titled "5 Things to Focus on During a New Car Test Drive" was in the news carousel, and that was what I selected. The contents of the news carousel are continually being changed by yahoo.

Here is the console entry:

Nothing to show." core.js:98
[NoScript InjectionChecker] JavaScript Injection in

///_ylt=AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc=X3oDMThpYjE1dW9mBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgYXV0b3MgdGVzdCBkcml2Z

SB0BGFpZANpZC0zNTY3OTY2BGNjb2RlA2dhBGNwb3MDNARkA3N0BGcDMDg0Y2ZkMTMtZmNkZi0zNGQ5LWE3YTAtYzQ3OTQ2ZDBjMjVhBGludGwD

dXMEaXRjAzAEbHR4dAM1dGhpbmdzdG9mb2N1c29ud2hlbnRlc3QtZHJpdmluZ2FjYXIEcGtndAMxBHBrZ3YDNARwb3MDMgRyA0RaaHVhc0JOa0N

DalBnPT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvYXV0b3MEdGVzdAMyNTQ-/RV=1/RE=143994125

8/RH=aHNyZC55YWhvby5jb20

-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL2F1dG9zLzUtdGhpbmdzLXRvLWZvY3VzLW9uLWR1cmluZy1hLW5ldy1jYXItdGVzdC1kcml2Z

S0xMjU4MDMyMDkwODcuaHRtbA--/RS=%5EADAH_92Ri3mwT_fm6x59ghyZayqoys-
(function anonymous() {
_ylt=AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc=X3oDMThpYjE1dW9mBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgYXV0b3MgdGVzdCBkcml2ZSB0

BGFpZANpZC0zNTY3OTY2BGNjb2RlA2dhBGNwb3MDNARkA3N0BGcDMDg0Y2ZkMTMtZmNkZi0zNGQ5LWE3YTAtYzQ3OTQ2ZDBjMjVhBGludGwDdXM

EaXRjAzAEbHR4dAM1dGhpbmdzdG9mb2N1c29ud2hlbnRlc3QtZHJpdmluZ2FjYXIEcGtndAMxBHBrZ3YDNARwb3MDMgRyA0RaaHVhc0JOa0NDal

BnPT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvYXV0b3MEdGVzdAMyNTQ- /*

COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL

[http://hsrd.yahoo.com/_ylt=AjUJn_eI9nuB ... xNTA4MDQgY

XV0b3MgdGVzdCBkcml2ZSB0BGFpZANpZC0zNTY3OTY2BGNjb2RlA2dhBGNwb3MDNARkA3N0BGcDMDg0Y2ZkMTMtZmNkZi0zNGQ5LWE3YTAtYzQ3

OTQ2ZDBjMjVhBGludGwDdXMEaXRjAzAEbHR4dAM1dGhpbmdzdG9mb2N1c29ud2hlbnRlc3QtZHJpdmluZ2FjYXIEcGtndAMxBHBrZ3YDNARwb3M

DMgRyA0RaaHVhc0JOa0NDalBnPT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvYXV0b3MEdGVzdAMyNT

Q-/RV=1/RE=1439941258/RH=aHNyZC55YWhvby5jb20

-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL2F1dG9zLzUtdGhpbmdzLXRvLWZvY3VzLW9uLWR1cmluZy1hLW5ldy1jYXItdGVzdC1kcml2Z

S0xMjU4MDMyMDkwODcuaHRtbA--/RS=%5EADAH_92Ri3mwT_fm6x59ghyZayqoys-] requested from [https://www.yahoo.com/].

Sanitized URL: [http://hsrd.yahoo.com/_ylt%20AjUJn_eI9n ... bvZx4;_ylc

%20X3oDMThpYjE1dW9mBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgYXV0b3MgdGVzdCBkcml2ZSB0BGFpZANpZC0zNTY3OTY2BGNjb2RlA2dhBGNw

b3MDNARkA3N0BGcDMDg0Y2ZkMTMtZmNkZi0zNGQ5LWE3YTAtYzQ3OTQ2ZDBjMjVhBGludGwDdXMEaXRjAzAEbHR4dAM1dGhpbmdzdG9mb2N1c29

ud2hlbnRlc3QtZHJpdmluZ2FjYXIEcGtndAMxBHBrZ3YDNARwb3MDMgRyA0RaaHVhc0JOa0NDalBnPT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdG

FyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvYXV0b3MEdGVzdAMyNTQ-/RV%201/RE%201439941258/RH%20aHNyZC55YWhvby5jb20-/RO

%202/RU

%20aHR0cHM6Ly93d3cueWFob28uY29tL2F1dG9zLzUtdGhpbmdzLXRvLWZvY3VzLW9uLWR1cmluZy1hLW5ldy1jYXItdGVzdC1kcml2ZS0xMjU4

MDMyMDkwODcuaHRtbA-/RS%20%5EADAH_92Ri3mwT_fm6x59ghyZayqoys-#6377142806602263505].

Re: XSS problem at yahoo

Posted: Wed Aug 05, 2015 12:27 am
by Thrawn
There should be more detail of what was blocked in the Browser Console (Ctrl+Shift+J). Can you post the results here? Or, if the spam filter blocks you, try sending it in a private message to one of the moderators (eg barbaz or myself).

Re: XSS problem at yahoo

Posted: Wed Aug 05, 2015 1:12 am
by glentek
I edited my original post and added the information you requested.

Re: XSS problem at yahoo

Posted: Wed Aug 05, 2015 1:13 am
by glentek
Thrawn wrote:There should be more detail of what was blocked in the Browser Console (Ctrl+Shift+J). Can you post the results here? Or, if the spam filter blocks you, try sending it in a private message to one of the moderators (eg barbaz or myself).
I edited my original post and added the information you requested.

Re: XSS problem at yahoo

Posted: Wed Aug 05, 2015 3:21 am
by Thrawn
It's hard to follow - Giorgio would have a better idea - but that traffic does look suspicious. It looks like the server is trying to set a bunch of variables from the URL, which is a red flag.

Re: XSS problem at yahoo

Posted: Wed Aug 05, 2015 6:40 pm
by barbaz
glentek sent the following console messages to me in PM, posting here in case they're different from what's already posted:

Code: Select all

[NoScript InjectionChecker] JavaScript Injection in ///_ylt=AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc=X3oDMThqZzRvaWkzBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgdHJhdmVsIG5ldyBhaXJsaW5lIHJvdXRlcyB0BGFpZANpZC0zNTY4MDA1BGNjb2RlA2dhBGNwb3MDNgRkA3N0BGcDNDhkYzkxMTYtYjE0ZS0zMGYwLWJmYmMtNDUwYTY0NDU2YmMzBGludGwDdXMEaXRjAzAEbHR4dAMxMW5ld2FpcmxpbmVyb3V0ZXNtYWtlZmx5aW5nY2hlYXBlcgRwa2d0AzEEcGtndgM4BHBvcwMyBHIDRFpodWFzQT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvdHJhdmVsBHRlc3QDMjU0/RV=1/RE=1439992761/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL3RyYXZlbC90aGVzZS0xMS1uZXctYWlybGluZS1yb3V0ZXMtd2lsbC1tYWtlLWZseWluZy0xMjU3ODk0MzgzNjIuaHRtbA--/RS=%5EADAi2bQ.b60Rb2xXlpFsZ4F5DqlhhQ-
(function anonymous() {
_ylt=AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc=X3oDMThqZzRvaWkzBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgdHJhdmVsIG5ldyBhaXJsaW5lIHJvdXRlcyB0BGFpZANpZC0zNTY4MDA1BGNjb2RlA2dhBGNwb3MDNgRkA3N0BGcDNDhkYzkxMTYtYjE0ZS0zMGYwLWJmYmMtNDUwYTY0NDU2YmMzBGludGwDdXMEaXRjAzAEbHR4dAMxMW5ld2FpcmxpbmVyb3V0ZXNtYWtlZmx5aW5nY2hlYXBlcgRwa2d0AzEEcGtndgM4BHBvcwMyBHIDRFpodWFzQT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvdHJhdmVsBHRlc3QDMjU0 /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL [http://hsrd.yahoo.com/_ylt=AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc=X3oDMThqZzRvaWkzBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgdHJhdmVsIG5ldyBhaXJsaW5lIHJvdXRlcyB0BGFpZANpZC0zNTY4MDA1BGNjb2RlA2dhBGNwb3MDNgRkA3N0BGcDNDhkYzkxMTYtYjE0ZS0zMGYwLWJmYmMtNDUwYTY0NDU2YmMzBGludGwDdXMEaXRjAzAEbHR4dAMxMW5ld2FpcmxpbmVyb3V0ZXNtYWtlZmx5aW5nY2hlYXBlcgRwa2d0AzEEcGtndgM4BHBvcwMyBHIDRFpodWFzQT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvdHJhdmVsBHRlc3QDMjU0/RV=1/RE=1439992761/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL3RyYXZlbC90aGVzZS0xMS1uZXctYWlybGluZS1yb3V0ZXMtd2lsbC1tYWtlLWZseWluZy0xMjU3ODk0MzgzNjIuaHRtbA--/RS=%5EADAi2bQ.b60Rb2xXlpFsZ4F5DqlhhQ-] requested from [https://www.yahoo.com/]. Sanitized URL: [http://hsrd.yahoo.com/_ylt%20AjUJn_eI9nuBoxs49Qubx6.bvZx4;_ylc%20X3oDMThqZzRvaWkzBF9TAzIwMjM1MzgwNzUEYQMxNTA4MDQgdHJhdmVsIG5ldyBhaXJsaW5lIHJvdXRlcyB0BGFpZANpZC0zNTY4MDA1BGNjb2RlA2dhBGNwb3MDNgRkA3N0BGcDNDhkYzkxMTYtYjE0ZS0zMGYwLWJmYmMtNDUwYTY0NDU2YmMzBGludGwDdXMEaXRjAzAEbHR4dAMxMW5ld2FpcmxpbmVyb3V0ZXNtYWtlZmx5aW5nY2hlYXBlcgRwa2d0AzEEcGtndgM4BHBvcwMyBHIDRFpodWFzQT0Ec2VjA3RkLWZlYQRzbGsDdGl0bGUEdGFyA3d3dy55YWhvby5jb20EdGFyX3VyaQMvdHJhdmVsBHRlc3QDMjU0/RV%201/RE%201439992761/RH%20aHNyZC55YWhvby5jb20-/RO%202/RU%20aHR0cHM6Ly93d3cueWFob28uY29tL3RyYXZlbC90aGVzZS0xMS1uZXctYWlybGluZS1yb3V0ZXMtd2lsbC1tYWtlLWZseWluZy0xMjU3ODk0MzgzNjIuaHRtbA-/RS%20%5EADAi2bQ.b60Rb2xXlpFsZ4F5DqlhhQ-#9688861300287772385].

Re: XSS problem at yahoo

Posted: Fri Aug 07, 2015 6:33 pm
by laidoff
I've been having the same problem with Yahoo. Here's my console log.

Code: Select all

This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 4bb993d20fc887f6b8f555729b685944eba6d1d3.jpg.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] e79f8b9d1d41ee358f77db2ae2a897a2.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 01c0146e89d099497b363f44e282d8de.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
TypeError: fvd_single_Downloads.statusPage is not a function fvd_single.js:2260:2
[NoScript XSS]: sanitized window.name, "darla_csc_writer_0--%253Cscript%2520language%253Djavascript%253E%250Aif%2528window.xzq_d%253D%253Dnull%2529window.xzq_d%253Dnew%2520Object%2528%2529%253B%250Awindow.xzq_d%255B%2527Jde83NgnOHI-%2527%255D%253D%2527%2528as%2524125m8238i%252Caid%2524Jde83NgnOHI-%252Ccr%2524-1%252Cct%252425%252Cat%2524H%252Ceob%2524gd1_match_id%253D-1%253Aypos%253DMAST%2529%2527%253B%250A%253C/script%253E%253Cscript%2520language%253Djavascript%253E%250Aif%2528window.xzq_d%253D%253Dnull%2529window.xzq_d%253Dnew%2520Object%2528%2529%253B%250Awindow.xzq_d%255B%2527hly83NgnOHI-%2527%255D%253D%2527%2528as%252413am3462j%252Caid%2524hly83NgnOHI-%252Cbi%25242142138551%252Cagp%25243275559051%252Ccr%25244317841051%252Cct%252425%252Cat%2524H%252Ceob%2524gd1_match_id%253D-1%253Aypos%253DLREC%2529%2527%253B%250A%253C/script%253E%253Cscript%2520language%253Djavascript%253E%250Aif%2528window.xzq_d%253D%253Dnull%2529window.xzq_d%253Dnew%2520Object%2528%2529%253B%250Awindow.xzq_d%255B
https://s.yimg.com/rq/darla/2-8-9/html/r-csc.html
about:blank
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 356d8090-2b59-11e4-b85c-ff432618d130_altjoezee40x40.jpg
[NoScript XSS]: sanitized window.name, "pos=LREC&id=fp-adsLREC-iframe&html=%253C%2521--%2520APT%2520Vendor%253A%2520Right%2520Media%252C%2520Format%253A%2520Standard%2520Graphical%2520--%253E%250A%253CSCRIPT%2520TYPE%253D%2522text/javascript%2522%2520SRC%253D%2522https%253A//ads.yahoo.com/st%253Fad_type%253Dad%2526publisher_blob%253D%2524%257BRS%257D%257CwKwx7TIwNi4h5R2vVcTEvgpUMTA0LlXE96kAAAAA%257C2023538075%257CLREC%257C1438971817.286603%257C2-8-9%257Cysd%257C1%2526cnt%253Dyan%2526ad_size%253D300x250%2526section%253D6128464%2526uccc%253D%2524%257BUCCC%257D%2526cb%253D1438971817.286603%2526yud%253Dsmpv%25253d3%252526ed%25253dzAomdF31xQxuC8RcCEyKD8XNfbhfAejk7A--%2526K%253D1%2526O%253D1%2526pub_redirect_unencoded%253D1%2526pub_url%253Dhttps%25253A%25252F%25252Fwww.yahoo.com%2526pub_redirect%253Dhttps%253A//beap-bc.yahoo.com/yc/YnY9MS4wLjAmYnM9KDE3aXBjcDVxcihnaWQkd0t3eDdUSXdOaTRoNVIydlZjVEV2Z3BVTVRBMExsWEU5NmtBQUFBQSxzdCQxNDM4OTcxODE3NDYwNTcyLHNpJDQ0NTIwNTEsc3AkMjAyMzUzODA3NSxjdCQyNSx5YngkdG9FeDNXSGlqdy5KMG1kNWtvRnhHdyxsbmckZW4tdXMsY3IkNDMxNzg0MTA1MSx2JDIuMCxhaWQkaGx5ODNOZ25PSEktLGJpJDIxNDIxMzg1NTEsbW1lJDkwNDMxMTYxMzgyMDM0MzE0OTAsciQwLHlvbyQxLGFncCQzMjc1NTU5MDUxLGFwJExSRUMpKQ/2/*%2522%253E%253C/SCRIPT%253E%253Cscript%253Evar%2520url%2520%253D%2520%2522%2522%253B%2520if%2528url%2520%2526%2526%2520url.search%2528%2522http%2522%2529%2520%2521%253D%2520-1%2529%257Bnew%2520Image%2528%2529.src%2520%253D%2520url%253B%257D%253C/script%253E%253C%2521--QYZ%25202142138551%252C4317841051%252C98.139.115.81%253B%253BLREC%253B2023538075%253B1--%253E&src=https%3A//s.yimg.com/rq/darla/2-8-9/html/r-sf.html&cscHTML=&cscURI=&behavior=non_exp&hasErr=&hasError=&adID=999999&matchID=&bookID=2142138551&serveType=-1&slotID=2&size=300x250&hasExternal=&hasRMX=1&ioID=999999&lineID=999999&creativeID=4317841051&placementID=3275559051&impID=hly83NgnOHI-&supp_ugc=0&fdb=fdb_url%3Dhttps%253A//beap-bc.yahoo.com/af/us%253Fbv%253D1.0.0%2526bs%253D%252815hd7l908%2528gid%2524wKwx7TIwNi4h5R2vVcTEvgpUMTA0LlXE96kAAAAA%252Cst%25241438971817460572%252Csrv%25241%252Csi%25244452051%252Cct%252425%252Cexp%25241438979017460572%252Cadv%252428845691635%252Cli%25243269900051%252Ccr%25244317841051%252Cv%25241.0%252Cpbid%252420459933223%2529%2529%2526al%253D%2528type%2524%257Btype%257D%252Ccmnt%2524%257Bcmnt%257D%252Csubo%2524%257Bsubo%257D%2529%2526r%253D10%26fdb_on%3D1%26fdb_exp%3D1438979017460%26fdb_intl%3Den-US&closeBtn=&serveTime=1438971817460572&is3rd=1&meta=ownerKey%253Dy%2526y%253DcscHTML%25253D%252526cscURI%25253D%252526impID%25253Dhly83NgnOHI-%252526supp_ugc%25253D0%252526placementID%25253D3275559051%252526creativeID%25253D4317841051%252526serveTime%25253D1438971817460572%252526behavior%25253Dnon_exp%252526adID%25253D9043116138203431490%252526matchID%25253D999999.999999.999999.999999%252526err%25253D%252526hasExternal%25253D0%252526size%25253D300x250%252526bookID%25253D2142138551%252526serveType%25253D-1%252526slotID%25253D2%252526fdb%25253D%2525257B%25252520%25252522fdb_url%25252522%2525253A%25252520%25252522https%2525253A%2525255C/%2525255C/beap-bc.yahoo.com%2525255C/af%2525255C/us%2525253Fbv%2525253D1.0.0%25252526bs%2525253D%2525252815hd7l908%25252528gid%25252524wKwx7TIwNi4h5R2vVcTEvgpUMTA0LlXE96kAAAAA%2525252Cst%252525241438971817460572%2525252Csrv%252525241%2525252Csi%252525244452051%2525252Cct%2525252425%2525252Cexp%252525241438979017460572%2525252Cadv%2525252428845691635%2525252Cli%252525243269900051%2525252Ccr%252525244317841051%2525252Cv%252525241.0%2525252Cpbid%2525252420459933223%25252529%25252529%25252526al%2525253D%25252528type%25252524%2525257Btype%2525257D%2525252Ccmnt%25252524%2525257Bcmnt%2525257D%2525252Csubo%25252524%2525257Bsubo%2525257D%25252529%25252526r%2525253D10%25252522%2525252C%25252520%25252522fdb_on%25252522%2525253A%25252520%252525221%25252522%2525252C%25252520%25252522fdb_exp%25252522%2525253A%25252520%252525221438979017460%25252522%2525252C%25252520%25252522fdb_intl%25252522%2525253A%25252520%25252522en-US%25252522%25252520%2525257D%252526slotData%25253D%2525257B%25252522pt%25252522%2525253A%252525228%25252522%2525252C%25252522bamt%25252522%2525253A%2525252210000000000.000000%25252522%2525252C%25252522namt%25252522%2525253A%252525220.000000%25252522%2525252C%25252522isLiveAdPreview%25252522%2525253A%25252522false%25252522%2525252C%25252522is_ad_feedback%25252522%2525253A%25252522false%25252522%2525252C%25252522isCompAds%25252522%2525253A%25252522false%25252522%2525252C%25252522adjf%25252522%2525253A%252525221.000000%25252522%2525252C%25252522alpha%25252522%2525253A%25252522-1.000000%25252522%2525252C%25252522ffrac%25252522%2525253A%252525220.989686%25252522%2525252C%25252522pcpm%25252522%2525253A%25252522-1.000000%25252522%2525252C%25252522fc%25252522%2525253A%25252522false%25252522%2525252C%25252522sdate%25252522%2525253A%252525221406176051%25252522%2525252C%25252522edate%25252522%2525253A%252525221446350399%25252522%2525252C%25252522bimpr%25252522%2525253A399999991808.000000%2525252C%25252522pimpr%25252522%2525253A0.000000%2525252C%25252522spltp%25252522%2525253A0.000000%2525252C%25252522frp%25252522%2525253A%25252522false%25252522%2525252C%25252522pvid%25252522%2525253A%25252522wKwx7TIwNi4h5R2vVcTEvgpUMTA0LlXE96kAAAAA%25252522%2525257D%252526adc%25253D%2525257B%25252522label%25252522%2525253A%25252522AdChoices%25252522%2525252C%25252522url%25252522%2525253A%25252522https%2525253A%2525255C/%2525255C/info.yahoo.com%2525255C/privacy%2525255C/us%2525255C/yahoo%2525255C/relevantads.html%25252522%2525252C%25252522close%25252522%2525253A%25252522Close%25252522%2525252C%25252522closeAd%25252522%2525253A%25252522Close%25252520Ad%25252522%2525252C%25252522showAd%25252522%2525253A%25252522Show%25252520ad%25252522%2525252C%25252522collapse%25252522%2525253A%25252522Collapse%25252522%2525252C%25252522fdb%25252522%2525253A%25252522I%25252520don%25252527t%25252520like%25252520this%25252520ad%25252522%2525252C%25252522code%25252522%2525253A%25252522en-us%25252522%2525257D%252526is3rd%25253D1%252526hasRMX%25253D1&conf=pos%3DLREC%26id%3DLREC%26clean%3Dfp-adsLREC%26dest%3Dfp-adsLREC-iframe%26w%3D300%26h%3D250%26fdb%3Dtrue%26metaSize%3Dtrue%26supports%3Dexp-ovr%253D0%2526exp-push%253D0%26z%3D10%26wcpx%3D1%26hcpx%3D1%26async%3Dfalse%26css%3D%26fr%3D%26size%3D300x250%26bg%3Dtransparent%26tgt%3D_blank%26timeout%3Dfalse%26lowHTML%3D%26meta%3Dnull%26flex%3Dfalse&renderClass=expIfr_exp&guid=dr__0_1438971816583_59&geom=win%253Dt%25253D-6%252526l%25253D-6%252526b%25253D480%252526r%25253D1014%252526w%25253D1020%252526h%25253D486%2526par%253Dt%25253D0%252526l%25253D0%252526r%25253D1007%252526b%25253D486%252526w%25253D1007%252526h%25253D486%2526doc%253Dt%25253D0%252526l%25253D0%252526b%25253D3637%252526r%25253D1007%252526w%25253D1007%252526h%25253D3637%2526root%253Dtrue%2526fixed%253Dnull%2526exp%253Dt%25253D366.83331298828125%252526l%25253D695.0333251953125%252526r%25253D11.9666748046875%252526b%25253D0%252526xs%25253Dfalse%252526ys%25253Dfalse%252526w%25253D0%252526h%25253D0%252526civ%25253D0%2526self%253Dt%25253D366.83331298828125%252526l%25253D695.0333251953125%252526r%25253D995.0333251953125%252526b%25253D616.8333129882812%252526w%25253D300%252526h%25253D250%252526z%25253D10%252526iv%25253D0.48%252526xiv%25253D1%252526yiv%25253D0.48&ckOn=true&dm=&hf=true&flexW=false&flexH=false&flexInf=false&origX=695.0333251953125&origY=366.83331298828125&ert=0&srcHost=https%3A//s.yimg.com&host=https%3A//www.yahoo.com&hostURL=https%253A//www.yahoo.com&fromURL=&proxyID=&html5=1&proxyPath="
to
"DARLA_JUNK"
URL: https://s.yimg.com/rq/darla/2-8-9/html/r-sf.html
https://s.yimg.com/rq/darla/2-8-9/html/r-sf.html
about:blank
[NoScript XSS]: sanitized window.name, "pos=TL1&id=fp-adsTL1-iframe&html=%253C%2521--%2520APT%2520Vendor%253A%2520Yahoo%252C%2520Format%253A%2520Standard%2520Graphical%2520--%253E%250A%253Cstyle%253E%250A.ad-tl2b%2520%257Btext-align%253Aleft%253Bfont-size%253A80%2525%253B%257D%250A.ad-tl2b%2520p.y-fp-pg-controls%2520%257Bdisplay%253Ablock%253Bbackground-position%253Aleft%2520-2275px%257D%250A.ad-tl2b%2520a%2520%257B%2520padding-top%253A0px%253B%2520%257D%250A.ad-tl2b%2520b%2520%257B%2520font-weight%253A700%253B%2520%257D%250A.ad-tl1%2520%2523tl1_slug%2520%257Btext-align%253Aleft%253Bfont-size%253A9px%253Bcolor%253A%2523999999%253Bfont-weight%253A400%253Bpadding%253A%25200%25200%25203px%25201px%253B%257D%250A%253C/style%253E%250A%253Cp%2520id%253D%2522tl1_slug%2522%253EADVERTISEMENT%253C/p%253E%250A%253Cdiv%2520class%253D%2522ad-tl2b%2520small%2522%253E%250A%2509%253Cp%2520class%253D%2522y-fp-pg-controls%2522%253E%253Ca%2520href%253D%2522https%253A//beap-bc.yahoo.com/yc/YnY9MS4wLjAmYnM9
https://s.yimg.com/rq/darla/2-8-9/html/r-sf.html
about:blank
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 53816fe0-2313-11e4-9191-5f1244c1bac6_Pat_Forde_40x40.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] a0576e90-1f40-11e4-aeb1-9931dcc5b07e_DavidPogueNEW_40x40_tight.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 1431526496673-2593.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
TypeError: fvd_single_Downloads.statusPage is not a function fvd_single.js:2260:2
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p2
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] hjs
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] hjsal
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 9f0a9ef637b067c3f0b460d661a691d2.png
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 977e36300e807cefb9b9b5f24cfec854.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 15ec38a61102d37e3d37116c33031a33.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] e3e9a9ea5e9817de3bd66cd9bf0591c2.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] b6253c4abbec8d91b6447e303d194736.jpeg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] Guys_will_wait_2_hours-6f48651b01de97ad3fa1bee6562ecef7.cf.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 15573826100_aba4fcdbcd_s.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 4763189687_e2debcfcc1_s.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 14701066158_9e2b4cc4a7_s.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 16630144254_30742367ae_s.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 1438351458009-7881.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 686d22de-5852-4784-8887-a6c7cbce1ec5_ttku-ckiXsSHCJJ3hWXTHzsYrzwGeBoQeK9AtHE7nXBr4kmDM4izxceALo3Ipa6JMXeu53YzbXM-_2_0.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 1437492268523-2940.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] hjs
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 1436836305239-1076.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] yql
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 6189422302_62fcc71410_s.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] AP_646037005776_635x250_1438948757.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] 0dcf42f2-af30-349c-a932-39e4dd4e0daa
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p.gif;_ylt=A86.IpCp98RVd9EAkUqbvZx4;_ylu=X3oDMTVuMWk4MXVuBGEDQktUIDE1MDgwNyBwb2xpdGljcyBiYWkgdHJ1bXAgdARhaWQDaWQtMzU2ODQyNQRjY29kZQNkd2hfbG9nZ2VyXzIEY3BvcwMzBGcDZDY4MmVlYTItM2U5Yy0zYTQwLWFjMmEtYzU0MDdlNmY2ODAyBGludGwDdXMEaXRjAzIEcGtndgM2BHIDRFpodWFzQk5QOGZVUHc9PQRzZWMDdGQtZmVhBHNsawN0aHVtYgR0ZXN0AzkwMQ--
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] get
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] trumpkelly_635x250_1438957696.jpg
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] p.gif;_ylt=A86.IpCp98RVd9EAkkqbvZx4;_ylu=X3oDMTY1ajdxbjBzBGEDQktUIDE1MDgwNyBwb2xpdGljcyB0cnVtcCBsYXNoZXMgb3V0IGtlbGx5IHQEYWlkA2lkLTM1Njg0MzkEY2NvZGUDZHdoX2xvZ2dlcl8yBGNwb3MDNARnAzg2N2YxNTBlLTI0ODQtMzZhZS05NWIwLWVjZTY5YWE5YjMyYQRpbnRsA3VzBGl0YwMyBHBrZ3YDMTAEcgNEWmh1YXNCTjNISHBQUT09BHNlYwN0ZC1mZWEEc2xrA3RodW1iBHRlc3QDOTAx
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] av
[NoScript InjectionChecker] JavaScript Injection in ///_ylt=Ah2lPT.waDq2PY6fD4T2fXubvZx4;_ylc=X3oDMThzODRtcmQ4BF9TAzIwMjM1MzgwNzUEYQNCS1QgMTUwODA3IHBvbGl0aWNzIHRydW1wIGxhc2hlcyBvdXQga2VsbHkgdARhaWQDaWQtMzU2ODQzOQRjY29kZQNkd2hfbG9nZ2VyXzIEY3BvcwM0BGcDODY3ZjE1MGUtMjQ4NC0zNmFlLTk1YjAtZWNlNjlhYTliMzJhBGludGwDdXMEaXRjAzAEbHR4dANUcnVtcGxhc2hlc291dGF0S2VsbHkEcGtndgMxMARwb3MDMARyA0RaaHVhc0JOM0hIcFBRPT0Ec2VjA3RkLWZlYQRzbGsDdGh1bWJsaW5rBHRhcgN3d3cueWFob28uY29tBHRhcl91cmkDL3BvbGl0aWNzBHRlc3QDOTAx/RV=1/RE=1440181417/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL3BvbGl0aWNzL2RvbmFsZC10cnVtcC1sYXNoZXMtb3V0LWF0LW1lZ3luLWtlbGx5LWZvci1kZWJhdGUtMTI2MDk0MDIzOTExLmh0bWw-/RS=%5EADALm_7IZP_I5WWrVhX7mKsRxAAXNc-
(function anonymous() {
_ylt=Ah2lPT.waDq2PY6fD4T2fXubvZx4;_ylc=X3oDMThzODRtcmQ4BF9TAzIwMjM1MzgwNzUEYQNCS1QgMTUwODA3IHBvbGl0aWNzIHRydW1wIGxhc2hlcyBvdXQga2VsbHkgdARhaWQDaWQtMzU2ODQzOQRjY29kZQNkd2hfbG9nZ2VyXzIEY3BvcwM0BGcDODY3ZjE1MGUtMjQ4NC0zNmFlLTk1YjAtZWNlNjlhYTliMzJhBGludGwDdXMEaXRjAzAEbHR4dANUcnVtcGxhc2hlc291dGF0S2VsbHkEcGtndgMxMARwb3MDMARyA0RaaHVhc0JOM0hIcFBRPT0Ec2VjA3RkLWZlYQRzbGsDdGh1bWJsaW5rBHRhcgN3d3cueWFob28uY29tBHRhcl91cmkDL3BvbGl0aWNzBHRlc3QDOTAx /* COMMENT_TERMINATOR */
DUMMY_EXPR
})
[NoScript XSS] Sanitized suspicious request. Original URL [http://hsrd.yahoo.com/_ylt=Ah2lPT.waDq2PY6fD4T2fXubvZx4;_ylc=X3oDMThzODRtcmQ4BF9TAzIwMjM1MzgwNzUEYQNCS1QgMTUwODA3IHBvbGl0aWNzIHRydW1wIGxhc2hlcyBvdXQga2VsbHkgdARhaWQDaWQtMzU2ODQzOQRjY29kZQNkd2hfbG9nZ2VyXzIEY3BvcwM0BGcDODY3ZjE1MGUtMjQ4NC0zNmFlLTk1YjAtZWNlNjlhYTliMzJhBGludGwDdXMEaXRjAzAEbHR4dANUcnVtcGxhc2hlc291dGF0S2VsbHkEcGtndgMxMARwb3MDMARyA0RaaHVhc0JOM0hIcFBRPT0Ec2VjA3RkLWZlYQRzbGsDdGh1bWJsaW5rBHRhcgN3d3cueWFob28uY29tBHRhcl91cmkDL3BvbGl0aWNzBHRlc3QDOTAx/RV=1/RE=1440181417/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tL3BvbGl0aWNzL2RvbmFsZC10cnVtcC1sYXNoZXMtb3V0LWF0LW1lZ3luLWtlbGx5LWZvci1kZWJhdGUtMTI2MDk0MDIzOTExLmh0bWw-/RS=%5EADALm_7IZP_I5WWrVhX7mKsRxAAXNc-] requested from [https://www.yahoo.com/]. Sanitized URL: [http://hsrd.yahoo.com/_ylt%20Ah2lPT.waDq2PY6fD4T2fXubvZx4;_ylc%20X3oDMThzODRtcmQ20F9TAzIwMjM1MzgwNzUEYQNCS1QgMTUwODA3IHBvbGl0aWNzIHRydW1wIGxhc2hlcyBvdXQga2VsbHkgdARhaWQ20WQtMzU2ODQzOQRjY29kZQNkd2hfbG9nZ2VyXzIEY3BvcwM0BGcDODY3ZjE1MGUtMjQ4NC0zNmFlLTk1YjAtZWNlNjlhYTliMzJhBGludGwDdXMEaXRjAzAEbHR4dANUcnVtcGxhc2hlc291dGF0S2VsbHkEcGtndgMxMARwb3MDMARyA0RaaHVhc0JOM0hIcFBRPT0Ec2VjA3RkLWZlYQRzbGsDdGh1bWJsaW5rBHRhcgN3d3cueWFob28uY29tBHRhcl91cmkDL3BvbGl0aWNzBHRlc3QDOTAx/RV%201/RE%201440181417/RH%20aHNyZC55YWhvby5jb20-/RO%202/RU%20aHR0cHM6Ly93d3cueWFob28uY29tL3BvbGl0aWNzL2RvbmFsZC10cnVtcC1sYXNoZXMtb3V0LWF0LW1lZ3luLWtlbGx5LWZvci1kZWJhdGUtMTI2MDk0MDIzOTExLmh0bWw-/RS%20%5EADALm_7IZP_I5WWrVhX7mKsRxAAXNc-#26354680646894846615].
Overriding failed (2147500037) redirect callback for 12: https://gwc.lphbs.com/crossdomain.xml -> https://gwc.lphbs.com/crossdomain.xml - 2
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
fvd_single_Downloads.statusPage is not a function fvd_single.js:2260:0
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] combo
TypeError: fvd_single_Downloads.statusPage is not a function fvd_single.js:2260:2
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.[Learn More] crossdomain.xml
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98
Object {  } sandbox.js:327
Object {  } sandbox.js:327
Object { _errorType: "Error", message: "url is undefined", fileName: "resource://gre/modules/commonjs/too…", lineNumber: 22, stack: "@resource://gre/modules/commonjs/to…", name: "TypeError" } core.js:98

Re: XSS problem at yahoo

Posted: Sun Aug 09, 2015 10:15 pm
by Thrawn
@laidoff: That looks a bit different to glentek's issue. In fact, it looks like this crime against web security.

Re: XSS problem at yahoo

Posted: Tue Aug 11, 2015 9:51 pm
by Giorgio Maone
Should be fixed in latest development build 2.6.9.35rc1, thanks.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited