Google Patches Security Flaw Affecting Gmail Users
Google patched a vulnerability Nov. 20 that allowed someone to send spam to Gmail users.Google has patched a vulnerability that could have been used to spam Gmail users who visited a specially crafted Website. The bug was first reported Nov. 20 by TechCrunch after someone known as Vahe G. created a site to exploit the issue. The situation affected users who visited the site while they were still logged onto Gmail, and reportedly worked regardless of whether or not the user was browsing in Google Chrome's "Incognito" mode.
"We quickly fixed the issue in the Google Apps Script API that could have allowed for e-mails to be sent to Gmail users without their permission if they visited a specially designed Website while signed into their account," a Google spokesperson said. "We immediately removed the site that demonstrated this issue, and disabled the functionality soon after. We encourage responsible disclosure of potential application security issues to firstname.lastname@example.org."