Google Sites Reflective Cross-Site Scripting

Written by KF

Friday, 30 January 2009

UPDATE: Fixed in less than 2 hours: clap clap!

Get it while it's hot! Pierre Gardenat submitted a very interesting reflective cross-site scripting vulnerability affecting the login page of Google Sites.

This could be used for example to steal accounts, but don't worry, it will probably be fixed very quickly by Google, just like the last times ;)




Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.