Cross-site scripting; a type of vulnerability in web applications which allows attackers to inject arbitrary JavaScript or other client-side code into webpages.
Questions tagged [xss]
11 questions
2
votes
2 answers
Getting frequent XSS warnings from Firefox
With the recent changes to Firefox (and NoScript apparently) I am getting frequent XSS warnings from "tqn" in particular. It seems to happen every time I do even minor things like open a new tab in Firefox. This is what it looks like:
Can somebody…
Tyler Durden
- 6,333
1
vote
1 answer
How can I use bookmarklets in IE11 that involve cross-site scripting?
I'm trying to use some bookmarklets that involve loading javascript from a trusted website. In particular, OpenSpritz and Squirt
I have Squirt working in Chrome, but I use IE11 for the most part. When I click the bookmarklet, nothing happens. I…
Hand-E-Food
- 4,961
1
vote
3 answers
Yahoo Mail vulnerability resulting in emails with no subject and a single link
Lately I've gotten random emails from friends with Yahoo Mail (or sbcglobal.net, which uses Yahoo Mail) without a subject and some random URL that I'm not going to click on.
At first I thought that someone had gotten ahold of their password, and I…
tomlogic
- 185
1
vote
2 answers
How do I disable XSS/"Same Origin" checking on Chrome?
I am trying to access the contents of HTML tags within an iframe on a page I am developing. The parent and iframed pages have the same root domain, but different subdomains. I cannot alter the iframed page, but I can alter the parent page.
To this…
David Faux
- 4,899
1
vote
0 answers
What is this script that's injected in every webpage I visit, and if malicious how to get rid of it?
I found this script when inspecting webpages and I have no idea where this is coming from or if this is malicious. Is this malicious, how can I find out where it came from and how to get rid of that?
var tvt = tvt || {}; tvt.captureVariables =…
MrSlippyFist
- 111
1
vote
2 answers
How do I copy and paste all cookies related to a website?
I am learning some basic concepts about XSS and now I want to see what's gonna happen if I copy all cookies related to one site and paste it in a clean browser tab (e.g. open a incognito tab or open another browser).
What's the proper way to do…
Rick
- 297
- 1
- 5
- 16
1
vote
2 answers
Is this injected JavaScript code and how to prevent it from appearing once uploaded?
I have a static website. I update the web pages locally in my computer then upload it using FileZilla. Yet, once uploaded I review the source code of any of my pages and see a script that is injected inside the . The script does not change the…
JAT86
- 241
1
vote
1 answer
Beef installation problem in Windows 10 - 64 bit
I am trying to install Beef in a WIndows 10 - 64 bit PC.
I followed the instructions provided in the following link:
https://github.com/beefproject/beef/blob/master/INSTALL.txt
But I keep getting this error:
An error occurred while installing…
Neel
- 123
- 6
0
votes
0 answers
How does Chrome/Firefox/ie10+ handle cross protocol HTTP requests?
I've been writing a webpage that makes use of an online API that only outputs JSON, and is only served from an SSL server. (It's the Eventbrite API). And my personal web server does not support SSL.
When I use a jQuery HTTP GET request (I've also…
mastrgamr
- 101
0
votes
2 answers
Can XSS and phising type attacks jump across browsers?
If I had two different browsers and separated their use such that I was only ever using browser A for things such as on-line banking and credit card purchases etc. And used browser B for everything else, then if browser B got had malicious scripts…
Mungbeans
0
votes
1 answer
Odd results in IEEE
Firstly, I apologize if this is the wrong Stack, but I guess my fellow Geeks here might find this interesting ..
I was looking for the IEEE 754 documents on the IEEE website, Binged it first, and used the 'official Website' link which 404'd!
Anyway,…
Cryogen
- 103