Delete comment from: Google Online Security Blog
Google security is not that much compared to Facebook , Microsoft and other service providers...
For example you can log out somebody indefinitely from using Google services by just exploiting CSRF vulnerability ...
Put this link in a loop in your website form load event and the other person will not be able to use Google services...a DOS attack ...pretty simple flaw ....
https://mail.google.com/mail/u/0/?ui=2&ik=310bc0d947&view=om&th=146a8759aa7f7af8
Jun 17, 2014, 8:39:47 AM