Google XSS

Published: 2007-11-11
Last Updated: 2007-11-11 23:46:11 UTC
by Marcus Sachs (Version: 1)
1 comment(s)

Juha-Matti reminded us of a new Google cross-site scripting issue related to a recent JAR: protocol vulnerability in Firefox that was reported by Petko D Petkov on Saturday:


Marcus H. Sachs
Director, SANS Internet Storm Center

1 comment(s)


NoScript add-on has a new feature in V. 1.1.8 "JAR Jammer" that seems to designed to mitigate this exploit

Diary Archives