11-19-2005, 12:02 PM
Quote:Google Base launched with security hole
Cross-site scripting vulnerability fixed early Friday
Google has patched a security problem with its Google Base that allowed attackers to steal sensitive information from users of the new content-hosting service.
The problem, which was patched within hours of its discovery earlier this week, allowed attackers to steal cookies and other information from Google Base users and also gave attackers a way to embed fraudulent forms within Google Base Web pages. This type of problem, called a cross-site scripting vulnerability, has also cropped up in Google's search service and in Yahoo Inc.'s mapping product.
full article: http://www.infoworld.com/article/05/11/1...ole_1.html