Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gmail Accounts Vulnerable to XSS Exploit

Posted by michael on Friday October 29, 2004 @09:27AM from the ooooooops dept.

mallumax writes "A security hole in GMail has been found (an XSS vulnerability) which allows access to user accounts without authentication. What makes the exploit worse is the fact that changing passwords doesn't help. The full details of the exploit haven't been disclosed. The vulnerability was reported by Israeli news site Nana. They were tipped off by an Israeli hacker. Google has been notified and they are working to close the hole. The Register has the story here."

1 of 232 comments (clear)

Min score:

Reason:

Sort:

Re:I must do my part to help. by Weirdofreak · 2004-10-29 09:48 · Score: 1, Offtopic

And I'll give one to the first person who can explain how somebody's going to fix it without an account.

No IPods or the like though. Nyer.