Almost NoScript Exploits Whitelist Vulnerabilities
Subject: General Tech | July 6, 2015 - 07:01 AM | Scott Michaud
This is like a five-year-old figuring out how to unlock a fireworks case full of paper crackers.
Regardless, there are two vulnerabilities, both of which have already been updated. Both of them take advantage of the whitelist functionality to ignore malicious code. By default, NoScript trusts a handful of domains, because blocking every script ever would break too much of the internet.