iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (4)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
Even Google is prone to XSS, HTML injection ,CSRF Attacks,Please check this out!!
  • mandi
    Posts: 207
    Just found this News on the Internet,

    But i am very much amazed,Because security bugs on google is very rare,I am sure they have some dedicated pen testing and security team,I don't know how they missed to find out these,Any way please check these links and post your comments

    XSS and Clickjacking:

    http://devteev.blogspot.com/2010/12/rewarding-web-application-security.html
    CSRF in Google Calender:

    http://nealpoole.com/blog/2010/11/google-vulnerability-reward-program-google-calendar-csrf/
    XSS and HTML Injection:

    http://tinkode27.baywords.com/google-com-xss-html-code-injection/
    Hope it may be interesting to you guys...


    I am not sure they have patched it or not,this News has been published through "nullmailing list"...
  • Xin
    Posts: 3,251
    Im assuming these are non-persistant xss though but still you would think it should be secure
    Xin
Add a Comment