Gmail Cross-site Scripting Vulnerability - Google Blogoscoped Forum

Forum

Gmail Cross-site Scripting Vulnerability (View post)
Robert	Monday, January 1, 2007 2 years ago • 1,753 views
Use POP Use Gmail in HTML mode mail.google.com/mail/?ui=html (look for "Basic Html" on the gmail web page.) I think this is also the default mode when javascript is disabled
Ioannus de Verani	2 years ago #
Hey, that has been fixed already (theregister.co.uk/2004/11/01/g ...).
Dmitri	2 years ago #
This is the day I started using NoScript.
TOMHTML	2 years ago #
"Hey, that has been fixed already" AH AH AH
Haochi	2 years ago #
"Hey, that has been fixed already" Hahaha, "Published Monday 1st November 2004 11:30 GMT" Philipp, the code was hosted on Google Pages, and I took it down this morning. (Google wasn't involved.)
Juha-Matti Laurio	2 years ago #
TechReads blog has an entry too: cyber-knowledge.net/blog/2007/ ... (via /.)
Juha-Matti Laurio	2 years ago #
Sorry, posted to wrong thread... :-(
stefan2904	2 years ago #
google ({ Success: false, Errors: [] })
Jason Schramm	2 years ago #
Good thing I've been using NoScript for Firefox.
Philipp Lenssen	2 years ago #
> Hey, that has been fixed already Ioannus, your link points to a different vulnerability than this one. > the code was hosted on Google Pages Haochi, I updated the post.
This thread is locked as it's old... but you can create a new thread in the forum.

Blog | Forum more >> Archive | Feed | Google's blogs | About

Advertisement (advertise here?)

This site unofficially covers Google™ and more with some rights reserved. You can subscribe to the feed, email your tips and join our forum!