Serious security vulnerabilities in Gmail allow you to access your mailbox without a password

Source: Internet
Author: User

According to the Israeli news website Nana, Google's Web-based email service Gmail has a serious security vulnerability. This vulnerability allows intruders to successfully access all accounts without knowing the user account password.

According to the website, hackers only need to use a hex XSS link to steal users' "cookies" files. Then, hackers can use this file to pretend to be the original Login User, thus successfully intrude into the account, and even if the user changes the account password after exiting the mailbox, hackers can still use this "cookie" file to successfully intrude into the user's mailbox.

Under the guidance of an Israeli hacker, The Nana website reporter and Aladdin Knowledg, a local security company, witnessed the attack.

According to informed sources, a small number of users have been attacked so far. Google said the company is developing corresponding patches.

In April 1 this year, Google announced that it would provide the Gmail email service. The service's mailbox capacity was as high as 1 GB, which caused a sensation in the industry.

But so far, this service is still in the testing stage. Other users can register a Gmail account only after receiving the invitation from the current user. However, Google did not reveal how many test users the company currently has.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.