Cyber criminals are wasting no time targeting Google Buzz. They now may have an easier time of it thanks to a common Web programming error that could give hackers a way to take over Google Buzz accounts, according to Computerworld.
Robert Hansen, CEO of SecTheory, calls the cross-site scripting flaw a “medium-sized problem,” since it opens the door for phishing scams against Google users.
Google says it is aware of the vulnerability and is working on a fix. A spokesman says that there is no indication that the flaw is being actively abused.