Philipp Lenssen has discovered a hack to Google's XSS that allows access to personal data, according to Blogoscoped today.
The tests he used with co-editor Tony Ruscoe show that is possible to get access to subject line information and first few words of emails from Gmail, statistical information from Google Analytics, as well as see what Google Gadgets are being used.
The glitch is specific to Explorer, the pair reported, and uses a cross site scripting attack.
The post comes with detailed pics of what is happening. Well worth the read.
Introducing... ClickZ Live!
SES Conference & Expo has merged with ClickZ to bring you ClickZ Live! The new global conference series takes on the identity of the industry's premier digital marketing publication, ClickZ.com, and kicks off March 31-April 3 in New York City. Join the industry's leading tech-advertisers in the advertising capital of the world! Find out more ››
*Super Saver Rates expire Jan 24.