Google Search Appliance is vulnerable to XSS

Written by DP

Saturday, 22 September 2007

MustLive from, has disclosed a cross-site scripting vulnerability in the very expensive Google Search Appliance solution for enterprises. Many high-profiled websites which use this product are currently vulnerable.


The mi5 website and other vulnerable ones, use an old version of Google Search Appliance: ©2001 Google.

This google-dork reveals about 195.000 possibly vulnerable websites. Despite the fact that MustLive has contacted Google, rumors say that they have not yet let their customers know about the issue.

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.