Philipp Lenssen has discovered a hack to Google's XSS that allows access to personal data, according to Blogoscoped today.
The tests he used with co-editor Tony Ruscoe show that is possible to get access to subject line information and first few words of emails from Gmail, statistical information from Google Analytics, as well as see what Google Gadgets are being used.
The glitch is specific to Explorer, the pair reported, and uses a cross site scripting attack.
The post comes with detailed pics of what is happening. Well worth the read.
Last Week to Save on SES London Tickets!
Learn to engage customers and increase ROI by distributing your online marketing efforts across paid, owned & earned media. Join the leaders of today's digital marketing & advertising industry at SES London. Find out more ››
*Saver Rates expire this Friday, Dec 13.