According to the Israeli news website Nana, Google's Web-based email service Gmail has a serious security vulnerability. This vulnerability allows intruders to successfully access all accounts without knowing the user account password.
According to the website, hackers only need to use a hex XSS link to steal users' "cookies" files. Then, hackers can use this file to pretend to be the original Login User, thus successfully intrude into the account, and even if the user changes the account password after exiting the mailbox, hackers can still use this "cookie" file to successfully intrude into the user's mailbox.
Under the guidance of an Israeli hacker, The Nana website reporter and Aladdin Knowledg, a local security company, witnessed the attack.
According to informed sources, a small number of users have been attacked so far. Google said the company is developing corresponding patches.
In April 1 this year, Google announced that it would provide the Gmail email service. The service's mailbox capacity was as high as 1 GB, which caused a sensation in the industry.
But so far, this service is still in the testing stage. Other users can register a Gmail account only after receiving the invitation from the current user. However, Google did not reveal how many test users the company currently has.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
