Issue No.01 - January/February (2008 vol.6)
Dave Ahmad , Bombardier Aerospace
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.25
The author discusses a common Gmail vulnerability, cross-site request forgery. During the time a user is authenticated to an online application, such as Web mail, the user's browser can be coerced into making authenticated requests to the application on a third party's behalf. Using that, it's quite simple to hijack domains that don't belong to you.
Gmail vulnerability, cross-site request forgery, domain hijacking, attacks, vulnerabilities, Gmail, Attack Trends
Dave Ahmad, "The Confused Deputy and the Domain Hijacker", IEEE Security & Privacy, vol.6, no. 1, pp. 74-77, January/February 2008, doi:10.1109/MSP.2008.25