Finjan, the provider of proactive secure content management solutions for businesses of all sizes, informed Google last week of a dangerous cross site scripting vulnerability on its website.
The cross site scripting vulnerability could have allowed a remote attacker to take over victims' Google Accounts, or fake the website's content in order to deceive end users into downloading malicious content or providing personal and confidential information (known as 'phishing'), said Limor Elbaz, VP Business Development and Strategy of Finjan.
Two www.google.com sub-sites contained forms which did not validate and filter input. Due to the lack of data validation and filtering, this vulnerability could have allowed an attacker to inject content and scripts which could allow him to steal the victim's cookie. If the victim were to be logged-on to their Google Account at the time, the attacker, by virtue of having the victim's cookie, could have gained access to some of the Google services like the victim's personal account information, his/her saved searches, Froogle's wish list, Google alerts, or even identify the user in the Google Groups. The attacker might also have been able to change the content of the whole page, which would allow him to perform phishing attacks, or convince the user to download malicious files.
In late September, Finjan's Malicious Code Research Center (MCRC) provided Google with full technical details, including proof-of-concept, concerning the vulnerability in order to assist Google with the fix. Google worked quickly to complete the fix on its website, which is no longer exposed to this vulnerability.
Finjan Identifies Dangerous Cross Site Scripting Vulnerability on Google

Google Has Fixed Website Vulnerability Which Exposed Google Users to Identity Theft