Google Blogoscoped

Forum

GoogHOle (XSS pwning GMail, Picasa and almost 200K customers)

mukthar [PersonRank 7]

Tuesday, September 25, 2007
16 years ago7,565 views

From the article:
"
Not a great month for Google security.
In the past 3 days, 34 interesting disclosures have been published:"
From
http://hackademix.net/2007/09/24/googhole-xss-pwning-gmail-picasa-and-almost-200k-customers/

Haochi [PersonRank 10]

16 years ago #

You mean... 4, right?

It seems to me that Google has fixed the Poll vulnerabilities, if there were any, and to my knowledge the Urchin one has been out for about a week or two, so it doesn't count as "in the past 3 days".

It's faster to fix in house problems, but it would take a while for the clients.
Then again, "security is useless."

mukthar [PersonRank 7]

16 years ago #

:-), sorry for the mistake, it should have been 4 , not 34
Thanks Haochi

TOMHTML [PersonRank 10]

16 years ago #

I'm really wondering how works the Picasa flaw...

Juha-Matti Laurio [PersonRank 10]

16 years ago #

The Register covered the case here:
http://www.theregister.com/2007/09/24/google_vulns_put_users_at_risk/

TOMHTML [PersonRank 10]

16 years ago #

Another flaw in Google Docs announced, using Flash...

Suresh S [PersonRank 10]

16 years ago #

Some more Indian Sites Rediffmail.com has xss problems.

http://qna.rediff.com/Main.php?do=search&txtsearch=<script>alert(document.cookie);</script>

Rohit Srivastwa [PersonRank 10]

16 years ago #

[put at-character here]Suresh
Take this to xssed.com

You'll be amazed to see the number of XSS entires there.

Forum home

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!