[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)
From: g.maone@xxxxxxxxxxxxxxxx
Date: 25 Nov 2010 23:39:33 -0000

NoScript 2.0.7 is released today (25th November 2010).
It correctly detects and blocks this variant (raw hexadecimal), but also the 
other 3 (quoted hexadecimal, raw binary and quoted binary) which have not been 
covered by this disclosure.

Prev by Date: [Suspected Spam]Vulnerabilities in Register Plus for WordPress
Next by Date: [eVuln.com] SQL injection Auth Bypass in Easy Banner Free
Previous by thread: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)
Next by thread: [Suspected Spam]Vulnerabilities in Register Plus for WordPress
Index(es):
- Date
- Thread