Google slams the door on XSS flaw

Written on January 17, 2007 – 3:38 am | by GoogleBot |

‘Stop cookie thief!’

Google has patched a cross-site scripting (XSS) vulnerability in one of its web-hosting services.

If left unpatched, the vulnerability could have allowed hackers to modify third-party Google documents and spreadsheets, and view mail subjects and search history, according to the Google Blogoscoped blog.

Philipp Lenssen, the author of Google Blogoscoped - a third-party site that comments on Google developments - said the vulnerability was similar to another vulnerability in Blogger Custom Domains, reported at the weekend.

Read more: silicon.com

Related Posts

Post a Comment

Comment spam protected by SpamBam

About this site

Welcome to Techbeta. Techbeta is a site focussed on tech news, and freeware/open source software for Windows, Mac OS X, Pocket PC and Linux. More

Want to subscribe?

 Subscribe in a reader Or, subscribe via email:
Enter your email address:  
Find entries :