Gmail Accounts Vulnerable to XSS Exploit

← Back to Stories (view on slashdot.org)

Gmail Accounts Vulnerable to XSS Exploit

Posted by michael on Friday October 29, 2004 @09:27AM from the ooooooops dept.

mallumax writes "A security hole in GMail has been found (an XSS vulnerability) which allows access to user accounts without authentication. What makes the exploit worse is the fact that changing passwords doesn't help. The full details of the exploit haven't been disclosed. The vulnerability was reported by Israeli news site Nana. They were tipped off by an Israeli hacker. Google has been notified and they are working to close the hole. The Register has the story here."

13 of 232 comments (clear)

Min score:

Reason:

Sort:

FP by Anonymous Coward · 2004-10-29 09:28 · Score: -1, Offtopic

Frost piss BITCHES!!!
dooy by Anonymous Coward · 2004-10-29 09:29 · Score: -1, Offtopic

OMFG have you seen the GMAIL 2 trailer it's like slow and it's telling you all the mail you sent in the first one then the music kicks in and and the geek comes out and gets an invite the inbox is on fire and geek is like fuck this im gonna go send an invite and HE SEND ONE TO A SPOOLER with angels singing and he lands on the spammer guys and that annoying scott richter guy is like GO GET EM TIGER! EMAIL IS ON TEH SPOKE!!!~`1 and theres less polys but rawkin bumb mappings you can view this on a special Gmail Invite that comes with a post modded down as "Troll".
1. Re:dooy by Anonymous Coward · 2004-10-29 10:06 · Score: -1, Offtopic
  
  yuo=faggort.
doh by Anonymous Coward · 2004-10-29 09:29 · Score: -1, Offtopic

@gmail.com
Down with Israel by Anonymous Coward · 2004-10-29 09:30 · Score: -1, Offtopic

Israel is full of hackers, spies, and unsavory politicians.
Re:see... by Anonymous Coward · 2004-10-29 09:41 · Score: -1, Offtopic

Hey, weren't you the guy offering gmail invites on the GNAA posts? Why don't you post some of those on this story so interested readers can take advantage? It would be ontopic afterall.
Re:I must do my part to help. by Weirdofreak · 2004-10-29 09:48 · Score: 1, Offtopic

And I'll give one to the first person who can explain how somebody's going to fix it without an account.

No IPods or the like though. Nyer.
Re:I must do my part to help. by wdconinc · 2004-10-29 09:56 · Score: 0, Offtopic

Thank you, I sent it to myself ;-)
mo3 up by Anonymous Coward · 2004-10-29 10:07 · Score: -1, Offtopic

UsEr. 'Now that Simple solution
off topic : gmail invites by peeledback · 2004-10-29 10:09 · Score: 0, Offtopic

I have 6 ? anybody want? send an email to peeledback ...at..@!#..punkass.com
Re:I must do my part to help. by pipingguy · 2004-10-29 10:22 · Score: 0, Offtopic

Screw that, I want a free Ipod.
amen to that by contagious_d · 2004-10-29 10:41 · Score: 0, Offtopic

by Anonymous Coward on Friday October 29, @06:27PM (#10668245)
Free Flat Screen HERE!
Please put your fucking "free stuff" spam in your sig, so those of us who turn sig display off to avoid having to read "free stuff" spam don't have to read it. Thank you.
Log in and say it like a man ;)

--
- /home is where the food is.
Rejected by l8f57 · 2004-10-29 10:51 · Score: 0, Offtopic

2004-10-29 17:01:22 Gmail is open to exploit (Your Rights Online,Security) (rejected)