14-Year-Old Blogger Discovered Gmail Security Flaw

Filed in: Google, Security, Technology, Web, Weblog — March 3rd, 2006

 

An 14-year-old blogger, Anthony found a Gmail security flaw when he sent a code from his Yahoo! mail account to his Gmail account. The code he used was:
Subject: a Body: asdfasdf<script>alert("asdF");</script>

“This vulnerability could be used to gather email addresses. Or even possibly to compromise the account.”, he said in the entry.

Google fixed the flaw shortly after the post went up, but Google claimed that it was a minor security flaw.

My two cents

No doubt, Google is fast. But I disagree that it was a minor problem.

technorati tags , ,

Read also:

«
»
  • This is a very minor malicious code injection, I believe Google framework can filter all the code before it does futher penetration.
  • but the negative point is why do they had to claim it was a mnor flaw. like lcf, i disagree that it is a minor flaw.
  • WTJ
    they response to it immediately which is a nice thing to see (positive view)
blog comments powered by Disqus