Full Disclosure: Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit

From: Jesse Ruderman <jruderma () cs hmc edu>
Date: Sat, 30 Oct 2004 23:18:20 -0700

n3td3v wrote:

Should the general public be expecting a disclosure of the
vulnerability to security mailing lists once a solution has been
implemented to patch the hole, so other web-based services are aware
of the possibility of the same problem being an issue for them, or
should gmail be keeping everything secret after they patch.

I'd be surprised if the vulnerability wasn't something already mentionedon http://www.squarefree.com/securitytips/web-developers.html#XSS .


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

Re: Slashdot: Gmail Accounts Vulnerable to XSS Exploit, (continued)