Gmail accounts 'wide open to exploit' - report

Google"s high profile webmail service, Gmail, is vulnerable to a security exploit that might allow hackers full access to a user"s email account simply by knowing the user name, according to reports. The security flaw allows full access to users" accounts, with no need of a password, Israeli news site Nana says.

Using a hex-encoded XSS link, the victim"s cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed. Following up a tip from an Israeli hacker, journos from the site confirmed the attack and verified the exploit with local security firm Aladdin Knowledge Systems.

News source: The Register

Report a problem with article
Next Article

Google Plans Desktop Search Tool for Apple PCs

Previous Article

Simpler ID management readied by Microsoft