The discovery comes only days after a similar bug was found with the Google Desktop search tool. As Google spread their technology over a greater number of application areas, the possibility for error increases; which could explain the recent stream of discoveries as they fall victim to public scrutiny.
Salvatore Aranzulla's web site contains information about his discovery of the bug (Italian). He also demonstrates some URLs that can be used to exploit the bug.
Posted by Paul Mutton in Security
Your link here? Advertising on the Netcraft Blog