There is possible XSRF on Google Code’s Issue list on the staring features. Using predefined GET request anyone can star a Issue on someone who is logged in Google currently.
Tested and work in Firefox & IE (and maybe others).
Proof of concept: Do some one need this ? Maybe some day after Google team [...]
Archive | 11. Apr, 2008
Google Code: Issues – Cross-Site Request Forgery (XSRF)
Google AppSpot: PHP need ur help ;)
If you are interested on running PHP Apps on Google AppSpot star this issue here. Also you can sign the petition here: http://i-want-php.appspot.com/
