lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Jan 2007 11:26:15 +0000
From: Denzity <denzity@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Gmail XSS?
There's reports of a gmail xss in the wild that will steal someone's contact
list and email if they website is visited while being logged in to gmail.
http://cyber-knowledge.net/blog/2007/01/01/gmail-vulnerable-to-contact-list-hijacking/
I can't find this on Bugtraq or any release. Anyone have any more info or a
PoC?
Thanks, Denzity.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/