Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: Google vulnerabilities with PoC

From: M Kirschbaum <pr0ix () yahoo co uk>
Date: Sat, 15 Mar 2014 03:17:35 +0000 (GMT)
The thread starter is right about this. It is a vulnerability, and I think Google should start considering this.
 
The JSON service responds to GET requests , and there is a good chance that the service is also vulnerable to JSON 
Hijacking attacks.
 
As a professional penetration tester , I believe that Google was false not to award this.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: