Google Base, an accident waiting to happen with XSS problems

Google introduced its "base" program today. It seems, however, that this beta was not ready for a prime-time rollout. There is a huge XSS problem within the code.

You can inject code into the search form and make a page look like... well, see for yourself, and DO NOT SUBMIT YOUR CREDIT CARD INFORMATION!

But do a view source instead. Cross-site scripting and Google: scary.


siliconbeat

whoops, willy under load, frontpage of silicon beat

--
regards, bert boerland

Fixed

The issue reported was fixed sometime this morning.
