Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Gmail Accounts Vulnerable to XSS Exploit
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 29 Oct 2004 16:40:25 -0500

"A security hole in GMail has been found (an XSS vulnerability) which
allows access to user accounts without authentication. What makes the
exploit worse is the fact that changing passwords doesn't help. The full
details of the exploit haven't been disclosed. The vulnerability was
reported by Israeli news site Nana
<BLOCKED::http://net.nana.co.il/Article/?ArticleID=155025&sid=10> . They
were tipped off by an Israeli hacker. Google has been notified and they
are working to close the hole. The Register has the story here
<BLOCKED::http://www.theregister.co.uk/2004/10/29/gmail_vuln/> ."


  By Date           By Thread  

Current thread:
  • Gmail Accounts Vulnerable to XSS Exploit Todd Towles (Oct 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]