Google Apps Script vulnerability

in #blog7 years ago

arudesign.jpg

Proofpoint, a security firm has uncovered a vulnerability in Google apps script which can be used to deliver malware in any user’s machine. Google Apps Script is a scripting language based on JavaScript handled across all G Suite products like Docs, Sheets, Slides, and Forms.

“Proofpoint research has found that Google Apps Script and the normal document sharing capabilities built into Google Apps supported automatic malware downloads and sophisticated social engineering schemes designed to convince recipients to execute the malware once it has been downloaded,” Maor Bin, security researcher at Proofpoint, wrote in an advisory.

Also Proofpoint have warned that this would allow the attackers to exploit more on the SaaS application to find flaws and utilise that to spread their malware.

Read Fully at https://anonywise.me/google-apps-script-vulnerability/