Thursday, 28 July 2011

Google Groups Profile CSRF

The Google Groups profile page was vulnerable to a CSRF attack that deleted the profile picture of an authenticated user. A simple GET request to would delete the user’s current profile picture without his/her knowledge. This was possible due to the absence of anti-CSRF measures.
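The missing checks, shown as an added example that is not Google's code: a framework-free model of a picture-delete handler without and with anti-CSRF measures. The handler names, the session id and the HMAC token scheme are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)      # per-deployment secret (constructed)
PROFILES = {"sess-alice": "alice.png"}    # constructed state: session -> picture

def issue_token(session_id):
    """Anti-CSRF token bound to the session; the server embeds it in its own form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def delete_picture_unprotected(profiles, method, session_id, params):
    """Behaviour described in the post: any authenticated GET changes state."""
    if session_id not in profiles:
        return 401
    profiles[session_id] = None
    return 200

def delete_picture_protected(profiles, method, session_id, params):
    """Same action with the two missing checks added."""
    if session_id not in profiles:
        return 401
    if method != "POST":                  # state changes never ride on GET
        return 405
    supplied = str(params.get("csrf_token", "")).encode()
    if not hmac.compare_digest(supplied, issue_token(session_id).encode()):
        return 403                        # a cross-site page cannot read the token
    profiles[session_id] = None
    return 200

def demo():
    """Run constructed requests; returns {case: (status, picture afterwards)}."""
    token = issue_token("sess-alice")
    cases = {
        # Cross-site request: the browser attaches the cookie, but no token.
        "unprotected_get": (delete_picture_unprotected, "GET", {}),
        "protected_get": (delete_picture_protected, "GET", {}),
        "protected_post_no_token": (delete_picture_protected, "POST", {}),
        # Same-site form submission carries the token the server issued.
        "protected_post_token": (delete_picture_protected, "POST", {"csrf_token": token}),
    }
    results = {}
    for name, (handler, method, params) in cases.items():
        profiles = dict(PROFILES)
        status = handler(profiles, method, "sess-alice", params)
        results[name] = (status, profiles["sess-alice"])
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```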

This vulnerability has since been patched by Google. Here are screenshots of the vulnerability in action.

Before the exploitation:

After CSRF exploitation: