Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: Jesse Ruderman <jruderma () cs hmc edu>
Date: Sat, 30 Oct 2004 23:18:20 -0700

n3td3v wrote:

Should the general public be expecting a disclosure of the
vulnerability to security mailing lists once a solution has been
implemented to patch the hole, so other web-based services are aware
of the possibility of the same problem being an issue for them, or
should gmail be keeping everything secret after they patch.

I'd be surprised if the vulnerability wasn't something already mentioned on http://www.squarefree.com/securitytips/web-developers.html#XSS .

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]