Thursday, May 23, 2013

Few XSSes found for Google BugBounty Program.

Its been a while for me to update this blog. Here are some XSSes I found and were fixed by the Google Team. Reflected XSS via search form - rewarded Stored XSS via CommentBox - HoF

Google Transliterate Self XSS - Dupe Reflected and Stored XSS via email invitation - rewarded Stored XSS via Google Contacts import - rewarded

afaik, all of these issues have been fixed.
There are two more issues will be shared with you guys in future :)