[Full-Disclosure] Slashdot: Gmail Accounts Vulnerable to XSS Exploit
xploitable at gmail.com
Sat Oct 30 13:37:47 BST 2004
On Sat, 30 Oct 2004 13:47:30 +0200, Shoshannah Forbes <xslf at xslf.com> wrote:
> "A security hole in GMail has been found (an XSS vulnerability) which
> allows access to user accounts without authentication. What makes the
> exploit worse is the fact that changing passwords doesn't help. The full
> details of the exploit haven't been disclosed"
> Shoshannah Forbes
This topic has already been post on FD hours and hours ago.
I guess the security professionals are getting over excited about this
stuff because they don't have the exploit :-)
Full-Disclosure is hosted and sponsored by Secunia.