A teenage blogger claims to have discovered a flaw in Google's Gmail service that allows JavaScript to run, potentially allowing a malicious hacker to gather email addresses or compromise an account. The supposed flaw may already have been fixed, however.

The teenager identifies himself in his blog as a 14-year-old named Anthony. His entry about Gmail is here.

He wrote that he was trying to email JavaScript code from a Yahoo account to a Gmail account. The code will run in a preview pane, he wrote. But if the code is mailed from one Gmail account to another, it is filtered out.

Some visitors to the blog reported being able to replicate the findings, but others said later that they were not able to and that the supposed flaw had been fixed. Google representatives in London could not immediately comment, saying the report would be forwarded to their technical staff.