Google Resolves Gmail’s “AMP4Email” Security Issue

Google has just fixed a security issue found in one of the key features of Gmail. The issue which was named as “AMP4Email” makes the email dynamic by popping the actionable content pop-up inside the inbox.

Chief Security Officer at Securitium, Michal Bentkowski explains the process, “AMP4Email makes it possible for users to take action directly”. It is also known as dynamic mail which makes possible for the users to include dynamic HTML content in their emails.

Michal Bentkowski reported that the AMP4Email burdened the DOM clobbering when he was trying out bypass this issue. He said, “I noticed that ‘id attribute’ is not disallowed in tags”.

He tried to bypass the security issue but unfortunately he was unable to do so, called it an interesting challenge and hoped that someone else will find a way to bypass this issue.

He reported the bug back in August 15 to which Google responded, “The bug is awesome, thanks for reporting. Google reported to Bentkowski on October 12 saying, “The issue had been resolved”

Bentkowski explained DOM Clobbering as, “DOM Clobbering is a legacy feature of web browsers that just keeps causing trouble in many applications. Basically, when you create an element in HTML (for instance <input id=username>) and then you want to reference it from JavaScript, you would usually use a function like document.getElementById(‘username’) or document.querySelector(‘#username’). But these are not the only ways!” This behavior (which is known as DOM Clobbering) can lead to interesting destructions in the application.

Related Stuff: