Cross Site Scripting Discovered in Google 158
Security Test writes "Yair Amit posted a message early this morning to The Web Security Mailing List outlining a Cross Site Scripting flaw in Google that allows an attacker to carry out Phishing Attacks."
Re:Javascript is a security problem? (Score:2, Funny)
Gosh, you make it sound like the Web started as a text content medium or something!
Re:but this was resolved three weeks ago. (Score:5, Funny)
XSSholes! (Score:5, Funny)
I had to laugh at that one.
Only an XSShole would steal your cookies.
Re:It's been fixed (Score:1, Funny)
Re:but this was resolved three weeks ago. (Score:5, Funny)
Re:It's been fixed (Score:2, Funny)
Re:OT: date format (Score:3, Funny)
It was scheduled to be phased out on 01/03/02 but, well...you can guess what happened.