WHID 2006-39: Another Google XSS

Share/Save

An XSS vulnerability in the feature allowing adding an arbitrary RSS to personal web pages. Since this page resides on the main www.google.com host, the executed JavaScript can access any Google resource.

Additional information:

Incident Outcome: