SEARCH OUTFIT GOOGLE has reacted angrily to a post on the Full Disclosure mailing list claiming that Gmail has been vulnerable to a Cross-Site Request Forgery (CSRF) attack since the summer of 2007.
Researchers furious that Google had done sod-all about the problem since they warned them about it released information on the attack.
Google admitted that it had been aware of this report for some time, and did not consider this case to be a significant vulnerability.
No one has ever reported it being exploited, so go back to bed. µ
L'Inq
Tech Herald