A security flaw in Google’s search appliances could expose Web sites that use the products to information-stealing phishing attacks, experts warned Monday.

The Google Search Appliance and Google Mini are used by organizations including banks and universities to add search features to Web sites. A flaw in the way the systems handle certain characters makes it possible to craft a Web link that looks like it points to a trusted site, but when clicked serves up content from a third, potentially malicious site.

Story at news.com.com