Two Google.com sub-sites contained forms that did not validate and filter input. Because of the lack of data validation and filtering, the vulnerability could have allowed an attacker to inject content and scripts and steal Google.com users' cookies. When users were logged on, an attacker could then gain access to Google services such as account information, saved searches, Google alerts and the user's Google Groups identity, Finjan said.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.