Cross Site Scripting Discovered in Google

Please create an account to participate in the Slashdot moderation system

Cross Site Scripting Discovered in Google 158

Posted by CmdrTaco on Wednesday December 21, 2005 @11:13AM from the hate-when-that-happens dept.

Security Test writes "Yair Amit posted a message early this morning to The Web Security Mailing List outlining a Cross Site Scripting flaw in Google that allows an attacker to carry out Phishing Attacks."

This discussion has been archived. No new comments can be posted.

Cross Site Scripting Discovered in Google

Search 158 Comments Log In/Create an Account

Comments Filter:

Re:Javascript is a security problem? (Score:2, Funny)

by joelsanda ( 619660 ) writes: on Wednesday December 21, 2005 @11:31AM (#14309194) Homepage

That's right, disable js and fix the web!

Gosh, you make it sound like the Web started as a text content medium or something!

Parent Share
twitter facebook
Re:but this was resolved three weeks ago. (Score:5, Funny)

by @madeus ( 24818 ) writes: <slashdot_24818@mac.com> on Wednesday December 21, 2005 @11:35AM (#14309231)

Ob-ISO International Date Format advocation ( 2005-12-01 for the win! :-)

Parent Share
twitter facebook
XSSholes! (Score:5, Funny)

by digitaldc ( 879047 ) * writes: on Wednesday December 21, 2005 @11:41AM (#14309294)

"How common are XSS holes?"
I had to laugh at that one.

Only an XSShole would steal your cookies.

Share
twitter facebook
Re:It's been fixed (Score:1, Funny)

by Midnight Thunder ( 17205 ) writes: on Wednesday December 21, 2005 @12:06PM (#14309501) Homepage Journal

I think proponents of mmddyyyy would love my mm:hh:ss format ;)

Parent Share
twitter facebook
Re:but this was resolved three weeks ago. (Score:5, Funny)

by Flunitrazepam ( 664690 ) writes: on Wednesday December 21, 2005 @12:12PM (#14309570) Journal

Stardate 481.23.587 for the extra credit

Parent Share
twitter facebook
Re:It's been fixed (Score:2, Funny)

by Hawke666 ( 260367 ) writes: on Wednesday December 21, 2005 @01:19PM (#14310195) Homepage

and the proponents of ddmmyyyy would love your ss:mm:hh format. Go ISO!

Parent Share
twitter facebook
Re:OT: date format (Score:3, Funny)

by Cunk ( 643486 ) writes: on Wednesday December 21, 2005 @02:56PM (#14310980)

"so why dont the US kill this stupid format?"

It was scheduled to be phased out on 01/03/02 but, well...you can guess what happened.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Cross Site Scripting Discovered in Google 158

Cross Site Scripting Discovered in Google More Login

Cross Site Scripting Discovered in Google

Re:Javascript is a security problem? (Score:2, Funny)

Re:but this was resolved three weeks ago. (Score:5, Funny)

XSSholes! (Score:5, Funny)

Re:It's been fixed (Score:1, Funny)

Re:but this was resolved three weeks ago. (Score:5, Funny)

Re:It's been fixed (Score:2, Funny)

Re:OT: date format (Score:3, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot