Philipp Lenssen has discovered a hack to Google's XSS that allows access to personal data, according to Blogoscoped today.
The tests he used with co-editor Tony Ruscoe show that is possible to get access to subject line information and first few words of emails from Gmail, statistical information from Google Analytics, as well as see what Google Gadgets are being used.
The glitch is specific to Explorer, the pair reported, and uses a cross site scripting attack.
The post comes with detailed pics of what is happening. Well worth the read.
Optimising Digital Marketing Campaigns with Search, Social and Analytics
At SES London (9-11 Feb) you'll get an overview of the latest tools, tips, and tactics in Paid, Owned, Earned, Integrated Media and Business Intelligence to streamline your marketing campaigns in 2015. Register by 31 October to take advantage of Early Bird Rates.