New XSS vulnerability on Google - Google Blogoscoped Forum

Forum

New XSS vulnerability on Google
Juha-Matti Laurio	Friday, November 2, 2007 16 years ago • 2,514 views
Details at http://www.xssed.com/mirror/24521/ This You Got Stallown3d! picture was seen earlier too...
James Xuan	16 years ago #
Huh?
Colin Colehour	16 years ago #
I don't understand what your talking about either.
Juha-Matti Laurio	16 years ago #
The comment means the following: The picture 'You Got Stallown3d' is very familiar in XSS reports, it is being used to demonstrate downloading pictures from 3rd party Web site. I hope this will help.
Philipp Lenssen	16 years ago #
Last time Tony checked, around a week ago or so, Google still didn't have the old XSS exploit fixed either – and they were alerted to it. I'm talking about this one: http://blogoscoped.com/archive/2007-09-28-n28.html
Juha-Matti Laurio	16 years ago #
This specific issue (#24521 at Xssed.com) is marked as Fixed. Sorry for including this information to the post. Additionally, there is another issue too, link: http://www.xssed.com/mirror/24483/ At time of writing, this issue is fixed as well (and was fixed before the weekend too). Good work, Google security team!

Blog | Forum more >> Archive | Feed | Google's blogs | About

This site unofficially covers Google™ and more with some rights reserved. Join our forum!