The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
|
|||
|
|||
NoScript XSS warning.
Hey,
I've been using vBulletin for years with no problems, but today when I visited my site I started getting XSS warnings, which appear to be coming from our Yahoo! ads (which we've had for about 2 months now without any problems). The warnings appear on every page that displays the ads, and stop if I block the ads through NoScript. I have no idea if it's a genuine risk or if its just NoScript playing up, so I was wondering if someone in the know could take a look at the NoScript output and let me know what they think since it means nothing to me! I'm using vBulletin 3.8.1 PL1 with up-to-date OS/Apache/PHP/MySQL/etc. Code:
[NoScript XSS] Sanitised suspicious request. Original URL [[url]http://ypn-js.ysm.yahoo.com/d/search/p/ypn/jsads/?Partner=XXXXXXXXXX&type=57212&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fforums.MYSITE.org%2F&bc=FFFFFF&cc=FFFFFF&lc=0000FF&tc=000000&uc=999999&du=1&cb=1239884527856&ctxtContent=%3Chead%3E%0A%0A%0A%09%3C!--%20no%20cache%20headers%20--%3E%0A%09%3Cmeta%20http-equiv%3D%22Pragma%22%20content%3D%22no-cache%22%3E%0A%09%3Cmeta%20http-equiv%3D%22Expires%22%20content%3D%22-1%22%3E%0A%09%3Cmeta%20http-equiv%3D%22Cache-Control%22%20content%3D%22no-cache%22%3E%0A%09%3C!--%20end%20no%20cache%20headers%20--%3E%0A%09%3Cmeta%20http-equiv%3D%22Content-Type%22%20content%3D%22text%2Fhtml%3B%20charset%3DISO-8859-1%22%3E%0A%3Cmeta%20name%3D%22generator%22%20content%3D%22vBulletin%203.8.1%22%3E%0A%0A%3Cmeta%20name%3D%22keywords%22%20content%3D%22vbulletin%2Cjelsoft%2Cforum%2Cbbs%2Cdiscussion%2Cbulletin%20board%2Csex%2Crelationships%2Cdating%2Csupport%2Cadvice%2Cteen%20help%2Cteens%2Cissues%2Cabuse%2Cpuberty%2Cpre][/url] requested from [[url]http://forums.MYSITE.org/][/url]. Sanitised URL: [[url]http://ypn-js.ysm.yahoo.com/d/search/p/ypn/jsads/?Partner=XXXXXXXXXX&type=57212&adwd=728&adht=90&ctxtUrl=http%3A%2F%2Fforums.MYSITE.org%2F&bc=FFFFFF&cc=FFFFFF&lc=0000FF&tc=000000&uc=999999&du=1&cb=1239884527856&ctxtContent=%20head%3E%20!-%20no%20cache%20headers%20-%3E%20meta%20http-equiv%20%20Pragma%20content%20%20no-cache%20%3E%20meta%20http-equiv%20%20Expires%20content%20%20-1%20%3E%20meta%20http-equiv%20%20Cache-Control%20content%20%20no-cache%20%3E%20!-%20end%20no%20cache%20headers%20-%3E%20meta%20http-equiv%20%20Content-Type%20content%20%20text%2Fhtml%3B%20charset%20ISO-8859-1%20%3E%20meta%20NAME%20%20generator%20content%20%20vBulletin%203.8.1%20%3E%20meta%20NAME%20%20keywords%20content%20%20vbulletin%2Cjelsoft%2Cforum%2Cbbs%2Cdiscussion%2Cbulletin%20board%2Csex%2Crelationships%2Cdating%2Csupport%2Cadvice%2Cteen%20help%2Cteens%2Cissues%2Cabuse%2Cpuberty%2Cpre#881207864027968914][/url].) |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|