Issue No. 01 - January/February (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.25
Dave Ahmad , Bombardier Aerospace
The author discusses a common Gmail vulnerability, cross-site request forgery. During the time a user is authenticated to an online application, such as Web mail, the user's browser can be coerced into making authenticated requests to the application on a third party's behalf. Using that, it's quite simple to hijack domains that don't belong to you.
Gmail vulnerability, cross-site request forgery, domain hijacking, attacks, vulnerabilities, Gmail, Attack Trends
D. Ahmad, "The Confused Deputy and the Domain Hijacker," in IEEE Security & Privacy, vol. 6, no. , pp. 74-77, 2008.