XSS Attempt on here ?

Discussion in 'General Topics' started by CloneRanger, Aug 24, 2012.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I tried several times to reply with screenies in here https://www.wilderssecurity.com/showthread.php?t=329939 FireFox, Top Security/Privacy Extension

    Each time i got this

    xss 1.gif

    due to this

    xss.gif

    I disabled NoScript v2.5.1 + was then able to post ? I then discovered the screenies are NOT auto showing, but if you right click them they do open in a new instance of FF !

    I was able to post in another thread just fine, Without screenies !

    Any ideas why this is happening now ?

    TIA

    Edit - Screenies showing fine in this post.
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    I'm afraid there really isn't enough information in what's shown above for me to determine just what was gong on. I can say there is nothing overly special about the thread you were replying to. There's no imbedded exploit or anything like that in there. The best I can determine is that its some kind of f/p from NoScript.

    Any product that "detects" some kind of problem, whether malware, exploit, bad URLs, and even spam content... does so via some kind of fingerprinting or signature. Like any type of detection, there is a chance that f/p can occur. Maybe there was something specific in the combination of your browser, NoScript, the data in your reply, and the fact that you were attaching external content, (the uploaded image attachments), that caused it to trigger the detection.
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ LowWaterMark

    Hi, yes i wasn't thinking there would be a nasty etc on here :D

    I've just posted a reply in my WSA thread, + the screenie showed first time. Also no XSS alert :thumb: Plus i can BOLD + use smilies now too :) Plus the screenies in the thread i first posted about are now Auto appearing ?

    Don't know if it was something at my end, but if it was, it "appears" to have self corrected itself !

    Thanks for looking into it :thumb:
     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    After several more posts in the last few mins, i think the issues are to do with the SecretAgent FF AddOn !

    I had problems with Bolding + Smilies in one post, which were resolved when i refreshed the page. As SA rotates the User Agent, some of these "appear" to confuse www's.
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Ah, so you are actually using that tool here then? Yes, changing User Agent can cause unexpected issues. Several functions in the forum software key off of whatever User Agent is passed into them. Some features are not available to some browers, (or other web accessing tools such as wget and the like), and are disabled to them. Others require different coding to produce the same type result in different browsers.

    Looking at the list of UAs it alternates through from the other thread, I think it's a terrible idea. It's one thing to say your Firefox is Opera or Internet Explorer, but, it's quite another thing to say Firefox is lynx or wget, which do not support a great many of the features used in the presentation of pages here. Those will always generate errors or unexpected results.
     
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ LowWaterMark

    I agree, some of those UA's are over the top :D

    Thanks for looking at the UA's :) I believe it MUST have been "some" of those causing the issue.
     
Thread Status:
Not open for further replies.