[Full-disclosure] Re: [WEB SECURITY] Cross Site Scripting in Google
- To: rsnake@xxxxxxxxxxxx (RSnake)
- Subject: [Full-disclosure] Re: [WEB SECURITY] Cross Site Scripting in Google
- From: bugtraq@xxxxxxxxxxxxxxx
- Date: Wed, 5 Jul 2006 08:49:33 -0400 (EDT)
Did you even bother to email them and let them know? Being that they're still
vulnerable, probably not...
- z
>
>
> Google is vulnerable to cross site scripting attacks. I found a
> function built off their add RSS feed function that returns HTML if a
> valid feed is found. It is intended as an AJAXy (dynamic JavaScript
> anyway) call from an inline function and the page is intended to do
> sanitation of the function. However, that's too late, and it returns
> the HTML as a query string, that is rendered, regardless of the fact
> that it is simply a JavaScript snippet.
>
> Here is the post that explains the whole thing:
>
> http://ha.ckers.org/blog/20060704/cross-site-scripting-vulnerability-in-google/
>
>
> -RSnake
> http://ha.ckers.org/
> http://ha.ckers.org/xss.html
> http://ha.ckers.org/blog/feed/
>
> ----------------------------------------------------------------------------
> The Web Security Mailing List:
> http://www.webappsec.org/lists/websecurity/
>
> The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
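
The failure mode described in RSnake's quoted message (a fragment endpoint that leaves sanitizing to the calling page, so loading its URL directly renders the unsanitized markup) and one way to close it, as an added example that is not from the original post or from Google's code. The function names, the feed-title field, the JSON response shape and the sample input are assumptions made for illustration.

```javascript
// Added illustration; all names and the sample input are constructed.

// Encode the five HTML-significant characters.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, c => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
  }[c]));
}

// "Before": the endpoint trusts its caller to sanitize, so the fragment
// carries the raw value and is labelled as an HTML document.
function fragmentUnsafe(feedTitle) {
  return {
    headers: { 'Content-Type': 'text/html; charset=utf-8' },
    body: '<div class="feed">' + feedTitle + '</div>'
  };
}

// "After": encode where the response is built, return data rather than a
// document, and tell the browser not to sniff it into HTML.
function fragmentSafe(feedTitle) {
  const html = '<div class="feed">' + escapeHtml(feedTitle) + '</div>';
  const json = JSON.stringify({ html }).replace(/</g, '\\u003c');
  return {
    headers: {
      'Content-Type': 'application/json; charset=utf-8',
      'X-Content-Type-Options': 'nosniff'
    },
    body: json // contains no literal "<" even if something sniffs it
  };
}

// Would a browser that loads this URL directly parse the body as HTML?
function rendersAsDocument(resp) {
  return /^text\/html\b/i.test(resp.headers['Content-Type'] || '');
}

// Does the untrusted value survive unencoded in the raw body?
function carriesRawMarkup(resp, untrusted) {
  return resp.body.includes(untrusted);
}

const sample = '<script>/* constructed test value */</script>';
for (const [name, r] of [['unsafe', fragmentUnsafe(sample)],
                         ['safe', fragmentSafe(sample)]]) {
  console.log(name, rendersAsDocument(r), carriesRawMarkup(r, sample));
}
```

The calling page can still apply its own sanitizing to the parsed `html` field; the point is that the response is already inert when requested on its own.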