Script injection in Google Groups Beta. If a user views a thread carefully crafted by a malicious user, then the script executes, instead of the thread.
Concept: http://groups-beta.google.com/group/n3td3v/browse_thread/thread/2379f18f5986c985 All users are vulnerable. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html