In this post I'm going to share some of the XSSes I found for the Google Bug Bounty. However, all of these findings are located in their sandbox domains.
Even though there's still a risk for users, such as phishing, malware, jdb and so on, such reports are still not accepted under the Google Bug Bounty Program.
This is mentioned on their page:
http://www.google.com/about/appsecurity/reward-program/#notavuln
If you still try to send bugs found in a sandbox domain, this kind of email will appear in your inbox:
The domain in which the feature is hosted is specifically meant as a compartmentalized "sandbox" for various types of potentially unsafe, user-controlled content. This domain is isolated from any sensitive content due to the same-origin policy.
Since there's no reward for sandbox domains, I asked their permission to publish the bug in my blog and got their permission :)
Below are some of the XSSes I found in their sandbox domains and, of course, rejected -_-"
*.googleapis.com
The bug existed due to an old version of jPlayer.
*.googledrive.com
Similar to the issue found in googleapis.com: an old version of jPlayer.
*.googleusercontent.com
Stored XSS. This can be found in Google Current. However, someone else had found this previously.
*.2mdn.net
This one was found after Internetwache posted in his blog, trying to bypass limited-char XSS.
I think that's all! See you again!
adios
@yappare