Security researcher, Ucha Gobejishvili has found XSS vulnerabilities in Google, Myspace and some other popular website.
A security researcher from Vulnerability Laboratory published cross site scripting vulnerability in Google apps page and also in some other popular websites. The name of the security researcher is Ucha Gobejishvili, who is also known as longrifle0x. He reported the vulnerability to Google.
According to the report, the level of risk due to the vulnerability is low but it can lead to cookies stealing and account hijacking.
He has also found vulnerabilities in Forbes search page, Ferrari’s official online store, MTV, and the social network MySpace. Unfortunately, none of them is currently patched up and reports from XSSED reveal that the domains were already XSS’ed.