Google Blogoscoped

Forum

Google Spreadsheet vulnerability fixed

Juha-Matti Laurio [PersonRank 10]

Tuesday, April 15, 2008
16 years ago2,529 views

Security researcher Billy (BK) Rios has disclosed details about vulnerability in Google Spreadsheet based to Content-type filtering.
Due to the flaw unauthorized access to Gmail etc. on Google.com domain was possible. The vulnerability is fixed now.

Link:
http://xs-sniper.com/blog/2008/04/14/google-xss/

Tony Ruscoe [PersonRank 10]

16 years ago #

This is the same vulnerability we reported here over six months go (but we never actually released the details, although we did report it to Google):

http://blogoscoped.com/archive/2007-09-28-n28.html

Juha-Matti Laurio [PersonRank 10]

16 years ago #

This is interesting.

Google probably didn't managed to fix the vulnerability fully in September?

Tony Ruscoe [PersonRank 10]

16 years ago #

They didn't even try to fix it in September.
I think it's been wide open since then.

Forum home

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!