Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm confused. While the title is for v3.5.1, the details say v3.5.

It should be noted that this is a medium vulnerability and the chances of running into is are impossible according to one commenter.




The debate you're referring to is whether this is exploitable if you block Javascript with NoScript. Most of us don't.


Thanks. That's what I was looking for. The write-up didn't indicate what was vulnerable...I had to look at the PoC code.

I'd bet most of this community uses NoScript. My wife and family do not. I don't bother installing it on their systems because my experience has been that they simply whitelist everything that "doesn't work".

There's no point to installing NoScript on Firefox used by someone who whitelists a site he clicked on from a spam message because there was an appropriately placed breast, or claims of such of the appropriate size.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: