Full Disclosure mailing list archives
Gmail Accounts Vulnerable to XSS Exploit
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 29 Oct 2004 16:40:25 -0500
Slashdot.org "A security hole in GMail has been found (an XSS vulnerability) which allows access to user accounts without authentication. What makes the exploit worse is the fact that changing passwords doesn't help. The full details of the exploit haven't been disclosed. The vulnerability was reported by Israeli news site Nana <BLOCKED::http://net.nana.co.il/Article/?ArticleID=155025&sid=10> . They were tipped off by an Israeli hacker. Google has been notified and they are working to close the hole. The Register has the story here <BLOCKED::http://www.theregister.co.uk/2004/10/29/gmail_vuln/> ."
Current thread:
- Gmail Accounts Vulnerable to XSS Exploit Todd Towles (Oct 29)