Author Topic: Do you trust pure JS Wifi Code Generator to create share code?  (Read 412 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 32273
  • malware fighter
Do you trust pure JS Wifi Code Generator to create share code?
« on: February 16, 2020, 01:03:03 PM »
Never share with Interwebz, that what you do not want to share with all  of the world.
Even when qifi dot org does not know your info, Google may.

Does not look bad at a first glance: https://webcookies.org/cookies/qifi.org/29058532?855830

Written in jQuery, ergo bootstrap javascript  problems, see:
Quote
Retire.js
bootstrap   3.3.7   Found in -https://qifi.org/bootstrap/dist/js/bootstrap.min.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery   3.3.1.min   Found in -https://qifi.org/jquery/jquery-3.3.1.min.js
Vulnerability info:
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
info-bron Retire.js extensie

And insecure in this sense:
Quote
This website is insecure.
100% of the trackers on this site could be protecting you from NSA snooping. Tell newtab to fix it.

 All trackers
At least 1 third parties know you are on this webpage.

qifi.org qifi.org
Legend

 Tracker could be tracking safely if this site was secure.

 Tracker does not support secure transmission.
info source: Tracker SSL extensie.

Web server for qifi dot org = Netlify, lees: https://youthful-jackson-cf65d8.netlify.com  (info source: #sockpuppet)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!