Google API Vulnerable To Cross-Site Scripting
Security advisory firm Secunia reported a cross-site scripting vulnerability in the Google API Search Engine Script version 1.x, and confirmed it does exist in 1.3.1.
The blog described the vulnerability, which Secunia tested and found it does exist:
Secunia has rated the vulnerability as “less critical.” The vendor, WWWSearchSolutions, will have to update the source code to fix the issue; developers using the script should check the website for a corrected version.
David Utter is a staff writer for WebProNews covering technology and business. Email him here.