Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Google Urchin password theft madness
Sep 24 2007 06:20PM
pagvac (unknown pentester gmail com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There is a trivially exploitable XSS vul on Google Urchin Web Analytics
5's login page. The vulnerability has been tested on versions 5.6.00r2,
v5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely
to be affected as well.
I know that y...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Hash: SHA1
There is a trivially exploitable XSS vul on Google Urchin Web Analytics
5's login page. The vulnerability has been tested on versions 5.6.00r2,
v5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely
to be affected as well.
I know that y...
[ more ]