Google Cross-Site Scripting Flaw Fixed

7 Comments

Google has fixed a cross-site scripting vulnerability on its Web site, according to security firm Watchfire. The flaw allowed an attacker to impersonate legitimate Google services in order to launch a phishing attack. The search engine applauded the firm for withholding disclosure until it could fix the problem.

The XSS flaw existed in how Google redirected users in its error pages. An attacker could use UTF-7 characters to take advantage of the vulnerability and insert malicious JavaScript into the URL, the firm said. According to Watchfire, Google fixed the problem on December 1, just two weeks after it had been alerted to the problem.

Tags:
7 Comments

7 Responses to Google Cross-Site Scripting Flaw Fixed

Got News? Contact Us

Recent Headlines

Intuit launches agentic AI consumer platform for year-round money management

Identity for AI aims to bring accountability and trust to enterprise AI systems

CISO budgets increase with identity and data protection top priorities

IT leaders want to see AI integrated into their technology stack

Google Maps to receive AI upgrade powered by Gemini

AI makes holiday shopping scams harder to spot

81 percent of security teams lack visibility into AI coding

Most Commented Stories

Microsoft is making every PC an AI PC with new Hey Copilot voice command

15 Comments

Apple, predictably, thinks Windows 10 users should move to macOS – here’s why

15 Comments

Nearly a third of US and UK consumers plan to switch internet providers, survey finds

6 Comments

Microsoft says Windows update may have caused login problems

4 Comments

Mozilla commits to updating Firefox on Windows 10

3 Comments

Microsoft brings new Start menu experience to Windows 11 Insiders

3 Comments

PowerToys update throws users into mode switching confusion

3 Comments

Windows 10's end of life is only days away -- WhyNotWin11 explains why your PC may not qualify for Windows 11

3 Comments

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.