Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cross Site Scripting Discovered in Google

Posted by CmdrTaco on from the hate-when-that-happens dept.

Security Test writes "Yair Amit posted a message early this morning to The Web Security Mailing List outlining a Cross Site Scripting flaw in Google that allows an attacker to carry out Phishing Attacks."

2 of 158 comments (clear)

  1. Re:What bullshit... - Are you out of your mind??? by ninja_assault_kitten · · Score: 1, Troll

    I have and it's not serious. At best it's a medium risk. It's not like you can exploit the XSS vul without any user intervention. You still have to get the user to go to the malicious URL. That immediately says to me, 'not serious'. But I guess you're down with infosec marketing propaganda.

    Do you work for Watchfire by chance?

  2. Re:but this was resolved three weeks ago. by Nutria · · Score: 0, Troll

    Europeans and their 12-day-long 31-month years...Sheesh!

    Dammit! They should be more like Us!

    --
    "I don't know, therefore Aliens" Wafflebox1