Paid Advertising is
ha.ckers sla.cking
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Google spreads XSS vuls
Posted by: Dave
Date: January 12, 2007 04:07AM

I was laughing yesterday, when I was looking for some XSS related sites on

Browsing through the SERPs for "XSS", I found about 4 sites listed (on page 3), with javascript code in the url:,GGGL:2006-32,GGGL:de&start=20&sa=N

for example

If you can't see the results due to googles autmatic location redirect, I got a screenshot on (german)

I think I read about that issue already on or in this forum, but I didn't see it >in the wild<, yet.

Preparing a nice google query that automatically redirects to the listed xss-vulnerable site would be no big thing, but a google URL looks more trustworthy than urls with javascript code in it.

Options: ReplyQuote
Re: Google spreads XSS vuls
Posted by: eyeced
Date: January 12, 2007 11:27AM

The top result for me today was Oh dear google, oh dear.

Options: ReplyQuote

Sorry, only registered users may post in this forum.