Comments on: Universal XSS Vulnerability in all Google Services can compromise your personal information http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/ Inferno's Blog on Application Security Fri, 02 Apr 2010 17:28:55 -0700 http://wordpress.org/?v=abc hourly 1 By: Goolag Scanner | PenTestIT http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-75 Goolag Scanner | PenTestIT Fri, 12 Jun 2009 16:44:21 +0000 http://securethoughts.com/?p=252#comment-75 [...] Universal XSS Vulnerability in all Google Services can compromise … [...] [...] Universal XSS Vulnerability in all Google Services can compromise … [...]

]]> By: ocean http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-49 ocean Wed, 20 May 2009 10:02:12 +0000 http://securethoughts.com/?p=252#comment-49 Great work inferno Great work inferno

]]> By: Google Quietly Patches Huge Vulnerability - News: Everything-e http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-40 Google Quietly Patches Huge Vulnerability - News: Everything-e Tue, 12 May 2009 21:19:36 +0000 http://securethoughts.com/?p=252#comment-40 [...] handle of “Inferno” discovered a cross-site scripting ( XSS) vulnerability in mid-April affecting a range of Google services like Gmail, Google Documents, iGoogle, and [...] [...] handle of “Inferno” discovered a cross-site scripting ( XSS) vulnerability in mid-April affecting a range of Google services like Gmail, Google Documents, iGoogle, and [...]

]]> By: dobberpop http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-39 dobberpop Mon, 11 May 2009 22:18:54 +0000 http://securethoughts.com/?p=252#comment-39 Grateful, compliments (amazing. To find Google did not itself found the gap) Grateful, compliments (amazing. To find Google did not itself found the gap)

]]> By: Inferno http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-38 Inferno Mon, 11 May 2009 15:30:15 +0000 http://securethoughts.com/?p=252#comment-38 @Gabriel, @vinod - thanks for your comments and appreciation.... @Gabriel, @vinod – thanks for your comments and appreciation….

]]> By: Lost in the Noise » Blog Archive » Ernstig lek in Google.com gedicht http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-37 Lost in the Noise » Blog Archive » Ernstig lek in Google.com gedicht Mon, 11 May 2009 13:21:06 +0000 http://securethoughts.com/?p=252#comment-37 [...] werd de update uitgerold. Een proof-of-concept van het inmiddels niet meer werkende lek is op het blog van de onderzoeker te vinden. Google mag blij zijn dat Inferno het lek bij hen meldde, volgens [...] [...] werd de update uitgerold. Een proof-of-concept van het inmiddels niet meer werkende lek is op het blog van de onderzoeker te vinden. Google mag blij zijn dat Inferno het lek bij hen meldde, volgens [...]

]]> By: vinod http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-36 vinod Mon, 11 May 2009 10:57:49 +0000 http://securethoughts.com/?p=252#comment-36 Hi Bro, Good stuff. keep posting. Hi Bro,

Good stuff.

keep posting.

]]> By: Gabriel Lima http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-35 Gabriel Lima Mon, 11 May 2009 03:45:58 +0000 http://securethoughts.com/?p=252#comment-35 Hi, Congratulations for your analysis and thanks for this great post! Regards, Gabriel Lima. Hi,
Congratulations for your analysis and thanks for this great post!

Regards,
Gabriel Lima.

]]> By: Inferno http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-34 Inferno Sun, 10 May 2009 21:55:15 +0000 http://securethoughts.com/?p=252#comment-34 Hi Maximiliano, Thanks for your comments. I believe in responsible disclosure, so i waited for this vulnerability to get fixed completely. Now it is published in places such as bugtraq - http://www.securityfocus.com/archive/1/503389 and caught some press here - http://securityandthe.net/2009/05/09/xss-against-google-services-scary-but-fixed-fast/. Thanks and Regards, Inferno Hi Maximiliano,

Thanks for your comments. I believe in responsible disclosure, so i waited for this vulnerability to get fixed completely. Now it is published in places such as bugtraq – http://www.securityfocus.com/archive/1/503389 and caught some press here – http://securityandthe.net/2009/05/09/xss-against-google-services-scary-but-fixed-fast/.

Thanks and Regards,
Inferno

]]> By: Maximiliano Soler http://securethoughts.com/2009/05/universal-xss-vulnerability-in-all-google-services-can-compromise-your-personal-information/comment-page-1/#comment-33 Maximiliano Soler Sun, 10 May 2009 21:03:11 +0000 http://securethoughts.com/?p=252#comment-33 Hi Inferno; Good job, excellent. Very professional you, not publishing the vulnerability. You know as Google includes everything with a account. ;) Regards; Maximiliano. Hi Inferno;
Good job, excellent.

Very professional you, not publishing the vulnerability.

You know as Google includes everything with a account. ;)

Regards;
Maximiliano.

]]>