Google disputes Gmail ‘bug’

A security researcher warns that Google Gmail is vulnerable to an Open URL redirection flaw, a finding disputed by Google itself.

The alleged bug creates a means for attackers to send intended victims a special crafted UR before stealing credentials or tricking them into visiting a malicious website, according to security researcher Evangelos Mourikis.

Google is yet to respond to El Reg’s request for comment on the alleged flaw. However, in a series of direct responses to Mourikis, Google stated that the supposed bug was part of its appengine application and not a security flaw. ®