Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Problems in Custom Search Engines

Custom search engines are offered by the major online search providers to give site maintainers an easy-to-use search engine that site visitors can use to search their site and the Internet at large.

The ongoing Month of Search Engine Bugs has uncovered vulnerabilities that are affecting the custom search engine solutions from both Google and Yahoo! For an otherwise secure site, the presence of these third party extensions could represent a significant security threat that will allow an attacker to capture sensitive user data (from cookies) or perform arbitrary XSS or HTML injection attacks.

Site administrators should weigh up the risks and benefits of using third party code on their sites, irrespective of the source.

16 June 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.