[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
From: Shoshannah Forbes <xslf@xxxxxxxx>
Date: Sat, 30 Oct 2004 13:47:30 +0200

"A security hole in GMail has been found (an XSS vulnerability) which
allows access to user accounts without authentication. What makes the
exploit worse is the fact that changing passwords doesn't help. The full
details of the exploit haven't been disclosed"
http://slashdot.org/article.pl?sid=04/10/29/1830247
-- 
Shoshannah Forbes
http://www.xslf.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
  - From: n3td3v
- Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
  - From: Calum Power

Prev by Date: Re: [Full-Disclosure] Slightly off-topic: www.georgewbush.com
Next by Date: [Full-Disclosure] [OpenPKG-SA-2004.045] OpenPKG Security Advisory (mysql)
Previous by thread: [Full-Disclosure] Gmail Accounts Vulnerable to XSS Exploit
Next by thread: Re: [Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
Index(es):
- Date
- Thread