Google closes Gmail cross-site scripting vulnerability
- — 03 January, 2007 09:39
Google has fixed a flaw that would have allowed Web sites to harvest information from Gmail contact lists, a problem that could have let spammers collect reams of new e-mail addresses.
Google appears to have fixed the problem within 30 hours of being notified, wrote Haochi Chen, a blogger who tracks the companyon his blog. A Google spokeswoman in London confirmed on Tuesday morning the problem was fixed.