Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gmail Accounts Vulnerable to XSS Exploit

Posted by michael on from the ooooooops dept.

mallumax writes "A security hole in GMail has been found (an XSS vulnerability) which allows access to user accounts without authentication. What makes the exploit worse is the fact that changing passwords doesn't help. The full details of the exploit haven't been disclosed. The vulnerability was reported by Israeli news site Nana. They were tipped off by an Israeli hacker. Google has been notified and they are working to close the hole. The Register has the story here."

6 of 232 comments (clear)

  1. Re:I must do my part to help. by Weirdofreak · · Score: 1, Offtopic

    And I'll give one to the first person who can explain how somebody's going to fix it without an account.

    No IPods or the like though. Nyer.

  2. Re:I must do my part to help. by wdconinc · · Score: 0, Offtopic

    Thank you, I sent it to myself ;-)

  3. off topic : gmail invites by peeledback · · Score: 0, Offtopic

    I have 6 ? anybody want? send an email to peeledback ...at..@!#..punkass.com

  4. Re:I must do my part to help. by pipingguy · · Score: 0, Offtopic

    Screw that, I want a free Ipod.

  5. amen to that by contagious_d · · Score: 0, Offtopic
    by Anonymous Coward on Friday October 29, @06:27PM (#10668245)
    Free Flat Screen HERE!
    Please put your fucking "free stuff" spam in your sig, so those of us who turn sig display off to avoid having to read "free stuff" spam don't have to read it. Thank you.
    Log in and say it like a man ;)
    --
    - /home is where the food is.
  6. Rejected by l8f57 · · Score: 0, Offtopic

    2004-10-29 17:01:22 Gmail is open to exploit (Your Rights Online,Security) (rejected)