Jump to content


Photo

XSS Issue?


  • Please log in to reply
7 replies to this topic

#1 Chris07

Chris07

    Senior Captain

  • Member
  • 292 posts
  • Gender:Male
  • Location:Los Angeles, CA, USA
  • Interests:Medicine & Computer Science...what a combo!

Posted 26 January 2015 - 10:47 AM

Just recently, within about 30 minutes of this post, I've been getting redirected to a Malware site which states my browser is out of date and wants me to download some crap that's obviously malware. I get redirected as soon as the page finishes loading.

 

It happens about 10% of the time right now while browsing this forum. I've gone to a few others sites and forums, however I've had no issue with that. This is the only site with an issue. I am using Chrome and even had the issue occur on a fresh install of Firefox (which rules out a rogue chrome extension). I haven't downloaded/installed anything new on my PC for at least a few days....and I was browsing this site earlier without any problems. 

 

Chrome on my laptop, which runs on OSX also produces this issue...so I can rule out a virus/adware on my PC.

 

It looks like a possible XSS attack...perhaps it's a rouge advertisement?



#2 randomperson139

randomperson139

    Forum Ninja

  • Sub-Moderator
  • 5,404 posts
  • Gender:Not Telling
  • Location:Hiding in the shadows...

Posted 26 January 2015 - 11:15 AM

Sounds like something another user posted recently. It's related to the adverts within the site, Mikey said it was a problem with adsense, so something google would have to fix.

 

http://forum.emergen...972-site-issue/


Owner of 295 Warning Points
Executive Director: Forum Child Watch

Think a lot. Say little. Write nothing.
-J.P. Morgan

#3 Chris07

Chris07

    Senior Captain

  • Member
  • 292 posts
  • Gender:Male
  • Location:Los Angeles, CA, USA
  • Interests:Medicine & Computer Science...what a combo!

Posted 26 January 2015 - 11:26 AM

It may also be an issue with Viglink (The script that turns text into clickable links to sponsors on posts). It's seems to happen WAAAAY More frequently (if not exclusively) on the view topic pages for me.



#4 mariuswww

mariuswww

    Senior Captain

  • Members
  • 325 posts
  • Gender:Male

Posted 26 January 2015 - 02:51 PM

It may also be an issue with Viglink (The script that turns text into clickable links to sponsors on posts). It's seems to happen WAAAAY More frequently (if not exclusively) on the view topic pages for me.

I'm afraid that is a virus/malware. If it looks anything like this atleast. I've had it and it was a pain to get rid of.

 

As for the main topic I recommend Adblock as I believe (!) it stoppes redirecting links. I've not experienced it atleast.



#5 Chris07

Chris07

    Senior Captain

  • Member
  • 292 posts
  • Gender:Male
  • Location:Los Angeles, CA, USA
  • Interests:Medicine & Computer Science...what a combo!

Posted 27 January 2015 - 12:22 AM

I feel bad using ad blockers on small independent sites like this. I'm sure this site costs a fair amount of money to keep alive and having ads helps keep this site up and running.

Unfortunately due to this issue I may be forced to use it.

...now if EMP had a way to donate money in exchange for being ad free I'd consider donating ;)

#6 Chris07

Chris07

    Senior Captain

  • Member
  • 292 posts
  • Gender:Male
  • Location:Los Angeles, CA, USA
  • Interests:Medicine & Computer Science...what a combo!

Posted 27 January 2015 - 08:53 PM

Well the issue seems to have resolved itself. Haven't had this issue in over a day.  :cheers-mate:



#7 randomperson139

randomperson139

    Forum Ninja

  • Sub-Moderator
  • 5,404 posts
  • Gender:Not Telling
  • Location:Hiding in the shadows...

Posted 28 January 2015 - 12:45 AM

That's good. It's possible Google has fixed whatever the issue was with adsense, if that was indeed the problem in this case.

 

Let us know if any issues return.


Owner of 295 Warning Points
Executive Director: Forum Child Watch

Think a lot. Say little. Write nothing.
-J.P. Morgan

#8 MikeyPI

MikeyPI

    Heil kitler

  • Moderator
  • 667,284 posts
  • Gender:Male
  • Location:<Undisclosed>
  • Interests:Drinking booze, guns, and cars, when combined it can be really entertaining=)

Posted 28 January 2015 - 09:23 AM

The problem from my understanding is that people with ill intent managed to get into advertising system and instead of linking to normal legit advertisers instead goes to the not so legit alternatives that were added in their place, the issue happened for me for a short timeframe (about a day or two) before it was resolved by google.  In the end the issue that I was experiencing is similar to yours, but in both instances I believe it is related to the advertising system Google uses, they temporarily seem able to repair the damages done by the malicious actions but since it has happened for you so recently, it appears they have as-yet closed the loophole that they are exploiting to do it.  It is ultimately up to Google to make the required alterations to their system to prevent the malicious changes, we and other sites (we're not the only one to have had issues with this type of thing) can't do anything about it as it isnt our systems at fault, but the advertising system Google uses that requires alterations.  Hopefully they get it in check soon and eliminate the problems, otherwise many sites will have to change how they function because their system is unreliable if it continues to be tampered with.


Lazy Moderator - Will warn when agro >)
FLM.jpg
2z69r10.jpg
Executive Director, EMP Internment Camps