tag:blogger.com,1999:blog-71876385097156459102012-02-16T04:26:49.986-08:00Script Hackerhttp://www.blogger.com/profile/15223820577941348147noreply@blogger.comBlogger11100tag:blogger.com,1999:blog-7187638509715645910.post-74722611453233121932007-11-06T02:08:00.000-08:002007-11-06T02:23:02.528-08:00There is a xss in <a href="https://www.google.com/">https://www.google.com</a>.<br /><br />Poc:http://www.loveshell.net/blog/blogview.asp?logID=262<br /><br />This xss is very critical,you can get the cookie to login into gmail ore other service.<br /><br />The document.location.hash is evil :)<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/7187638509715645910-7472261145323312193?l=xss2root.blogspot.com' alt='' /></div>Script Hackerhttp://www.blogger.com/profile/15223820577941348147noreply@blogger.com1