Google Crossed Up By XSS Again - Webdigity webmaster forums

28, May 2012	Google Crossed Up By XSS Again - webmaster forum

Navigation Webdigity Services Pagerank Monitor Whois Tool Web Design Gallery Webmaster Forums Webmaster Directory Tutorials Database Webmaster Forums WebDigity Community Topsites network news ... Forum Contests Forum Lounge New Member Introductions Tech News User Forums aStatSpam forum Computers 3rd-Party Scripting Leet Link Directory The 100 Lists Website ... Design and Layout Newbie webmaster Graphics & Multimedia Adobe Photoshop Macromedia Flash & Act... Web Page Design HTML & XHTML CSS Accesibility issues Website & Graphic Revi... Web Development PhP ASP & .NET Java & JSP Official Java News JavaScript XML - XSLT Databases MySQL Security Web hosting talk Hosting companies Domain names Configuring your server Apache web server Marketing your site CPC programs Chitika eMiniMalls CPM programs Affiliate programs & o... Web site promotion Promotion techniques Search Engine Optimiza... Google SEO Promoting & building a... Marketplace Advertise your services Sell your site Sell a domain name Request services Hire people Link trading requests [ Home \| Help \| Search \| Forum's Shop \| Archive \| Login \| Register \| Webmaster Directory ]

Webdigity Webmaster Forums > WebDigity Community > Forum Lounge > Tech News
Topic: Google Crossed Up By XSS Again

« previous next »

Pages: [1]

Instabuck - The easy way to sell digital products online

Author

Topic: Google Crossed Up By XSS Again (Read 853 times)

Robot
Internet Junkie

Posts: 2177
19591 credits
Members referred : 0

« on: Jan 16, 2007, 01:17:35 pm »

Yet another cross-site scripting issue has cropped up with Google, as their dominant place on the Internet could be starting to draw Microsoft-like attention from malicious hackers.

To read the full article click here

I am a metal monkey!
Administrator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 5799
46391 credits
Members referred : 3

« Reply #1 on: Jan 16, 2007, 07:52:27 pm »

Interesting read Smiley

Quote

I will not give you details as to how the exploit works until it has been fixed - but I can tell you that it is extremely easy for anyone who knows HTML to exploit

Seems like the google engineers are not SO good after all....

Trial and Error my two best teachers Cool

Join us @ facebook or twitter

Last blog : Butterfly Marketing 2.0

Tim Nash
Global Moderator
Community Supporter ?
Internet Junkie

Posts: 2175
5052 credits
Members referred : 2

Venture Skills - New Media & IT group

« Reply #2 on: Jan 17, 2007, 01:01:24 pm »

Cross scripting issues are bound to pop up in web based applications paticularly across a large single sign on system like Google. I'm only suprised it doesn't happen more often. I think part of the problem is the authentication methods google use vary from application, how Google Analytics authenticates users for example appears to be different from how Gmail does.

I think once this is sorted out and they have a common platform these issues should lesson, though its still problamatic in that they actually give out methods and handles to authenticate against google user base to the public.

Would you like to be an SEO, let me help with, The Tim Nash introduction to SEO alternatively for Social media optimisation take a look at the Venture Skills Blog

Last blog : Its all in the mp3s

I am a metal monkey!
Administrator
Community Supporter ?
Jedai Sword Master

Gender:

Posts: 5799
46391 credits
Members referred : 3

« Reply #3 on: Jan 17, 2007, 01:26:18 pm »

It would be reasonable to use web services (SOAP) for that kind of operations, but as they are so vulnerable to XSS attacks it appears that google uses more old fashioned technology, which is also reasonable as the old technologies produce less overhead and for sites with millions of requests every hour this is a significant factor Smiley

Trial and Error my two best teachers Cool

Join us @ facebook or twitter

Last blog : Butterfly Marketing 2.0

Trackback URI for this entry : http://www.webdigity.com/trackback.php?topic=5638

Bookmark this thread : Digg Del.icio.us Dzone more....

Pages: [1]

Webdigity Webmaster Forums > WebDigity Community > Forum Lounge > Tech News
Topic: Google Crossed Up By XSS Again

« previous next »

Jump to:

User Area
Welcome, Guest. Please login or register. Did you miss your activation email? May 28, 2012, 05:45:15 pm Login with username, password and session length

Donate to our community, and get a permanent link back to your site!

Forum Statistics

Total Posts: 62.883
Total Topics: 11.039
Total Members: 21.467
Tutorials : 58
Resources : 929
Designs : 395
Latest Member: david03

117 Guests, 1 User online :

Googlebot

39 users online today:

w66266507, bizwiz, david03, nathan.joshua, deccanbazaar, hobbit, AndyPR, hirewebdesigner, Markirosyan, thietkelogo, nmagsbyshalo, Nikolas, X-man, zhangzhiwu, jackandrew, thergery, anytecable, jarankepang, yosa, CarlJHash, Proaxxs-peter, blackmilk, tfyjgh, ifuturz, froz, golamkayes, ketnoimang, charles0029, SEO AUS, Maximlis, zoii, mabdwasoft, jackson12, rashmimaharjan, Kim_smith, iplaytheme, bjland5, sobbin, skbj329

Recent topics
New Webmaster Forum Re: BIOS Settings Any one Played The Movies?... What is BSOD? Re: [Website] Posturepedic ... Re: Is the Website Review S... Re: Google Chrome Crashes o... Re: Spyder Spanker PRO - Wo...

HumanWorks Network
Technology news Webmaster articles Sublime web directory RSS Feed directory and viewer

Web Design Gallery · Whois Lookup · Pagerank · Tag Browsing · Lo-fi version · Syndication · Webmaster forum history · Advertise
Developed by HumanWorks © 2005 - 2012 Webdigity webmaster community · sublime directory
Webdigity Webmaster Forums | Powered by SMF 1.0.12. © 2001-2005, Lewis Media. All Rights Reserved.

Google Crossed Up By XSS Again - webmaster forum