Full Disclosure mailing list archives
Gmail XSS?
From: Denzity <denzity () gmail com>
Date: Mon, 1 Jan 2007 11:26:15 +0000
There's reports of a gmail xss in the wild that will steal someone's contact list and email if they website is visited while being logged in to gmail. http://cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/ I can't find this on Bugtraq or any release. Anyone have any more info or a PoC? Thanks, Denzity.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Gmail XSS? Denzity (Jan 01)
- <Possible follow-ups>
- Re: Gmail XSS? Juha-Matti Laurio (Jan 01)