Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Google XSS SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Google XSS

Juha-Matti reminded us of a new Google cross-site scripting issue related to a recent JAR: protocol vulnerability in Firefox that was reported by Petko D Petkov on Saturday:


Marcus H. Sachs
Director, SANS Internet Storm Center


301 Posts
ISC Handler
Nov 11th 2007
NoScript add-on has a new feature in V. 1.1.8 "JAR Jammer" that seems to designed to mitigate this exploit

Sign Up for Free or Log In to start participating in the conversation!