Neal Poole » Google Vulnerability Reward Program: Google Calendar CSRF
Summary
Google Calendar was vulnerable to a series of CSRF vulnerabilities. In two separate instances, I found that existing countermeasures (CSRF tokens) were not being validated by the application.
via nealpoole.com
Interesting stuff.
