Mageia forum

share the magic
http://forums.mageia.org/en/

XSS warning for Mageia,org webpages.

http://forums.mageia.org/en/viewtopic.php?f=4&t=14993

Page 1 of 1

XSS warning for Mageia,org webpages.

PostPosted: Jul 20th, '23, 11:30
by marchugo
Today NoScript gave me the warning that de webpage start.mageia.org is a potential cross-site scripting attack:


NoScript XSS Warning

NoScript detected a potential Cross-Site Scripting attack

from file:///usr/share/indexhtml/index.html to http://start.mageia.org.

Suspicious data:

(URL) http://start.mageia.org/?p=vendor=Magei ... fault&l=en

My system: Mageia 8, 64 bit, Firefox 102.13.oesr, NoScript 11.4.25.

Marc.

Re: XSS warning for Mageia,org webpages.

PostPosted: Jul 20th, '23, 19:28
by doktor5000
Hi there, best place to report this would be bugzilla: https://wiki.mageia.org/en/How_to_report_a_bug_properly

Re: XSS warning for Mageia,org webpages.

PostPosted: Jul 22nd, '23, 20:16
by filip
We use local html file to open our web page. That is benign. At least it's meant that way.

You can check
Code: Select all
cat /usr/share/indexhtml/index.html
and
Code: Select all
cat /usr/share/indexhtml/script.js
or open those files in your favorite GUI editor for yourself.
All times are UTC + 1 hour [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/