| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Dec 2004 21:59:00 +0000 From: n3td3v <xploitable@...il.com> To: full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com Subject: Re: Script Injection in Google Groups Beta On Fri, 17 Dec 2004 21:29:24 +0000, n3td3v <xploitable@...il.com> wrote: > When I was testing Google Groups Beta > (http://groups-beta.google.com/group/n3td3v) I found the script tags > executed on the Google Groups site. This only seems to work while > clicking on a reply thread, using the reply menu, featured on a given > groups homepage, when an older thread gets a reply. > > If the thread reply you try to open has a script in it, then the > script executes, instead of taking you to the reply to the thread you > were attempting to view. > > An attacker can send a reply to a thread on Google Groups Beta with a > carefully crafted script in it, to exploit Google Group Beta users! > > This is probably just the tip of the ice berg of something bigger, but > I thought I better mention it before malicious users started > exploiting people. > > Discovered today by n3td3v. > > Thanks, n3td3v. > Proof of concept: http://groups-beta.google.com/group/n3td3v/browse_thread/thread/2379f18f5986c985 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists