Bugtraq mailing list archives
Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)
From: g.maone () informaction com
Date: 25 Nov 2010 23:39:33 -0000
NoScript 2.0.7 is released today (25th November 2010). It correctly detects and blocks this variant (raw hexadecimal), but also the other 3 (quoted hexadecimal, raw binary and quoted binary) which have not been covered by this disclosure.
Current thread:
- Re: NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI) g . maone (Nov 26)
- <Possible follow-ups>
- NoScript (2.0.5.1 < less ) - Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI) 0kn0ck (Nov 26)