Google's public data explorer suffered from an XML external entity injection vulnerability.
f1f93b1a77eeff328b95a62faf8d24425b8847dd2d7576805d6e28322cdc50d6
Hi All,
There was an XML external entity vulnerability within Googles Public
data explorer. This was submitted to Google as part of their Bug Bounty
Program.
For the full write up with screen shots -
http://www.securatary.com/vulnerabilities
--
All the best
Mark Litchfield
http://www.securatary.com
Twitter - http://twitter.com/securatary