Full Disclosure mailing list archives
Cross Site Scripting in Google
From: RSnake <rsnake () shocking com>
Date: Tue, 4 Jul 2006 21:55:01 -0700 (PDT)
Google is vulnerable to cross site scripting attacks. I found a function built off their add RSS feed function that returns HTML if a valid feed is found. It is intended as an AJAXy (dynamic JavaScript anyway) call from an inline function and the page is intended to do sanitation of the function. However, that's too late, and it returns the HTML as a query string, that is rendered, regardless of the fact that it is simply a JavaScript snippet. Here is the post that explains the whole thing: http://ha.ckers.org/blog/20060704/cross-site-scripting-vulnerability-in-google/ -RSnake http://ha.ckers.org/ http://ha.ckers.org/xss.html http://ha.ckers.org/blog/feed/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cross Site Scripting in Google RSnake (Jul 04)
- Re: [WEB SECURITY] Cross Site Scripting in Google bugtraq (Jul 05)
- Re: [WEB SECURITY] Cross Site Scripting in Google mikeiscool (Jul 05)
- Re: [WEB SECURITY] Cross Site Scripting in Google RSnake (Jul 05)
- Re: Re: [WEB SECURITY] Cross Site Scripting in Google n3td3v (Jul 05)
- Re: Re: [WEB SECURITY] Cross Site Scripting in Google Javor Ninov (Jul 05)
- RE: Re: [WEB SECURITY] Cross Site Scripting inGoogle Edward Pearson (Jul 06)
- Re: [WEB SECURITY] Cross Site Scripting in Google bugtraq (Jul 05)