Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Universal XSS in all Google Services
Posted by: Inferno
Date: May 08, 2009 12:19AM

Hi Hackers,

Google just fixed a universal xss that i reported. It was in a python script that was common to most Google services. More information here - http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/

-
Inferno
SecureThoughts.com

Options: ReplyQuote
Re: Universal XSS in all Google Services
Posted by: digi7al64
Date: May 08, 2009 02:17AM

nice work.

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Options: ReplyQuote
Re: Universal XSS in all Google Services
Posted by: Gareth Heyes
Date: May 08, 2009 02:52AM

I deleted the dup from bugs, as this section is more relevant

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Universal XSS in all Google Services
Posted by: Inferno
Date: May 08, 2009 03:03AM

@digi7al64 - thanks for your comments

@Gareth - Thanks a lot. I realised this after i put it in the bug category :) BTW, is there a way to change category after writing a post?

-
Inferno
SecureThoughts.com



Edited 1 time(s). Last edit at 05/08/2009 03:04AM by Inferno.

Options: ReplyQuote


Sorry, only registered users may post in this forum.