Web Application Security Consortium - Web hacking Incidents Database (WHID)

Contributors

Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security ) [Project Leader]

The Web Hacking Incidents Database
Last update:07 November 2007

Incident WHID 2006-11

Full List
By Class
By ID

1999
2000
2001
2002
2003
2004
2005
2006
2007

RSS
Statistics
Blog
FAQ
About

WHID

WHID 2006-11: Teenager claims to find code flaw in Gmail

Date: 02 March 2006
Incident Type: Vulnerability Disclosure
WASC Threat Classification: Cross-site Scripting

A 14 years old claims to have discovered an XSS flaw in Google's Gmail. Comments have been mixed, and Google did not comment, so either the flaw was fixed pretty fast, or did not exits.

References:

Teenager claims to find code flaw in Gmail [Network World]

Vulnerability in Gmail [Ph3rny's Blog]

Google fixes 'minor' Gmail flaw [ZDnet]

This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.