#Title:Google Wallet CSRF
#Author: Sandeep Kamble
#Business Risk : High Risk
#Attack Type: CSRF
#Tested Browser: Firefox 3.6
#OS: Win 7 / Linux
#Reported Date: Mon, Apr 2, 2012
#Fix date : Apr 11, 2012
I recently reported CSRF vulnerability to Google. Vulnerable domain is wallet.google.com , Normally it forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.
It was missing XSRF protection Token.
POC I will upload after some time Thanks Google For listing me In Google Hall of fame and for quick Fix