Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Website Builder Site and weaknesses...
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Website Builder Site and weaknesses... (Read 1856 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Website Builder Site and weaknesses...
«
on:
April 08, 2019, 06:24:36 PM »
Re:
https://www.virustotal.com/en/url/4dcb5189d60897626739372f1dbc0b0a49ba779c15f61effd0b6a63bbfbb73bd/analysis/#additional-info
Re:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LjEyMy19e2ctbnt3LSNdbXxbbi5eXS51a2A%3D~enc
XSS-DOM issues: Results from scanning URL: -http://www.123-reg-new-domain.co.uk/javascript/iframe-app.js
Number of sources found: 43 ; number of sinks found: 20
Critical Security Risk:
https://sitecheck.sucuri.net/results/www.123-reg-new-domain.co.uk
F-scan rate status and recommendations:
https://observatory.mozilla.org/analyze/www.123-reg-new-domain.co.uk
Retire.js detected: Retire.js
jquery 1.8.3 Found in -http://www.123-reg-new-domain.co.uk/javascript/jquery.js
Vulnerability info:
Medium CVE-2012-6708 11290 Selector interpreted as HTML
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
51 tips to come to a better website design and better website security:
https://webhint.io/scanner/2e7880f7-3516-4d21-8b6d-cf7b5416b044
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Re: Website Builder Site and weaknesses...
«
Reply #1 on:
July 22, 2021, 10:19:41 PM »
Additionally ->
https://urlscan.io/result/6129508e-ba93-42b6-a5f2-faaf9aa49487/#links
and
https://urlscan.io/result/a1cbc79d-5a36-4b68-8153-53b2f5c066de/
bundle.js and chunk.js
https://snyk.io/advisor/npm-package/bundle-js
(2 open issues)
(see:
https://github.com/lsst/
pex_config
)
Configuration interface and history-tracking for LSST Data Management.
Akamai & GoDaddy & Google safe-browsing.
We see how total rely on technology and Akamai CDN forwarding can put us at risk,
because we just experienced that with Akamai DNS related downtime to-day.
polonus
«
Last Edit: July 22, 2021, 10:56:51 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Website Builder Site and weaknesses...