1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Business Profile - (GMB) Local and Maps 6:20 am May 21, 2026

Forum Moderators: open

Message Too Old, No Replies

Security Flaw in Toolbar?

         

rogerd

8:52 pm on Sep 22, 2004 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



The "about" input isn't validated and could be used for script execution, according to this article:

[securitytracker.com...]

Astinus

5:58 am on Sep 23, 2004 (gmt 0)

10+ Year Member



The fine print:
Rafel Ivgi subsequently reported that the 'res:' protocol cannot be invoked from the Internet zone, preventing this flaw from being directly exploitable by remote users.

In short, this only works if you can get the user to download and view a page locally. And if you can get users to do that, there's far worse damage that can be done.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Business Profile - (GMB) Local and Maps 6:20 am May 21, 2026