Full Disclosure mailing list archives

Script Injection in Google Groups Beta

From: n3td3v <xploitable () gmail com>
Date: Fri, 17 Dec 2004 23:14:37 +0000

Script injection in Google Groups Beta. If a user views a thread
carefully crafted by a malicious user, then the script executes,
instead of the thread.

Concept:
http://groups-beta.google.com/group/n3td3v/browse_thread/thread/2379f18f5986c985

All users are vulnerable.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Script Injection in Google Groups Beta n3td3v (Dec 22)
- <Possible follow-ups>
- Script Injection in Google Groups Beta n3td3v (Dec 23)
  - Re: Script Injection in Google Groups Beta n3td3v (Dec 23)
    - Re: Script Injection in Google Groups Beta n3td3v (Dec 23)