Philipp Lenssen has discovered a hack to Google's XSS that allows access to personal data, according to Blogoscoped today.
The tests he used with co-editor Tony Ruscoe show that is possible to get access to subject line information and first few words of emails from Gmail, statistical information from Google Analytics, as well as see what Google Gadgets are being used.
The glitch is specific to Explorer, the pair reported, and uses a cross site scripting attack.
The post comes with detailed pics of what is happening. Well worth the read.
Early Bird Rates have been extended!
June 12-14, 2013: Join industry experts at SES Toronto for a crash course in the latest strategies in Online Marketing and Advertising.
Save $300 when you register by Thursday, May 23.