Submission + - Second Google Desktop vulnerability uncovered
zakkie writes: "According to InfoWorld, Google's Desktop indexing engine is vulnerable to an exploit (the second such flaw to be found) that could allow crackers to read files or execute code. By exploiting a cross-site scripting (XSS) vulnerability on Google.com, an attacker can grab all the data off a Google Desktop. Google is said to be "investigating"."