Strengthens protection against XSS vulnerabilities

May 11, 2012 13:58 GMT  ·  By

NoScript extension for Firefox keeps improving by adding security against new exploitation methods. Besides fixing up two issues, build 2.4.1 also integrates protection against two new XSS vulnerabilities.

It can now keep you safe against exploitation of classic MS ASP's coalescing of same-name query parameters. On the same note, it features Protection against URL injections in window.name. Also added in this build is the type check exception to the lesscss Google Code file repository, which is often used as a CDN.

As far as mending goes, NoScript 2.4.1 fixes case-sensitivity bug in detection of unicode escape sequences and the "Allow sites open through bookmarks" regression.

The current stable version was preceded by three release candidates, each solving its share of issues.

The entire list of changes for this update is available on this page. Download NoScript extension for Firefox.