Today NoScript gave me the warning that de webpage start.mageia.org is a potential cross-site scripting attack:
NoScript XSS Warning
NoScript detected a potential Cross-Site Scripting attack
from file:///usr/share/indexhtml/index.html to http://start.mageia.org.
Suspicious data:
(URL) http://start.mageia.org/?p=vendor=Magei ... fault&l=en
My system: Mageia 8, 64 bit, Firefox 102.13.oesr, NoScript 11.4.25.
Marc.
XSS warning for Mageia,org webpages.
3 posts
• Page 1 of 1
XSS warning for Mageia,org webpages.
by marchugo » Jul 20th, '23, 11:30
- marchugo
- Posts: 59
- Joined: Sep 7th, '17, 13:55
Re: XSS warning for Mageia,org webpages.
by doktor5000 » Jul 20th, '23, 19:28
Hi there, best place to report this would be bugzilla: https://wiki.mageia.org/en/How_to_report_a_bug_properly
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
-
doktor5000 - Posts: 18042
- Joined: Jun 4th, '11, 10:10
- Location: Leipzig, Germany
Re: XSS warning for Mageia,org webpages.
by filip » Jul 22nd, '23, 20:16
We use local html file to open our web page. That is benign. At least it's meant that way.
You can check
You can check
- Code: Select all
cat /usr/share/indexhtml/index.html
- Code: Select all
cat /usr/share/indexhtml/script.js
- filip
- Posts: 478
- Joined: May 4th, '11, 22:10
- Location: Kranj, Slovenia
3 posts
• Page 1 of 1
Return to General discussions about Mageia
Who is online
Users browsing this forum: No registered users and 1 guest