Bugtraq mailing list archives

Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)

From: g.maone () informaction com
Date: 25 Nov 2010 23:39:33 -0000

NoScript 2.0.7 is released today (25th November 2010).
It correctly detects and blocks this variant (raw hexadecimal), but also the other 3 (quoted hexadecimal, raw binary 
and quoted binary) which have not been covered by this disclosure.

Current thread:

Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI) g . maone (Nov 26)
- <Possible follow-ups>
- NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI) 0kn0ck (Nov 26)