About
Title: Reflected XSS in Google GroupsBusiness Risk: High
Discovery Date: October/November
Payload: <href="url" onmouseover=alert(1)>
Author: Manuel Sousa (me)
Steps to Reproduce
This bug requires 2 accounts.
1. Login to Google Groups With Account 1
2. Create a group.
3. Publish in the group and Upload a .swf file with a payload written in the file. (Download here!)
4. Now click on "see"
Now we have a link to acesss the .swf file (https://groups.google.com/group/xsstesttmanuelsousa/attach/a9f1c6bf1187cde9/xss.swf?part=4&authuser=0&view=1)
6. Logout Google Services with Account 1º
7. Login to Google Services With Account 2º
8. Now acess the file created before with account 1º
9. Now we will see a forbidden page. (the file is restricted)
10. Inject the code ( <href="url" onmouseover=alert(1)>SOMETEXTHERE)
11. Injected link: https://groups.google.com/
Disclosure Timeline
October 24, 2013 at 11:00 PM (WET Time): Vulnerability Discovered
October 25, 2013 at 00:05 AM (WET Time): Initial Report
October 25, 2013 at 00:05 AM (WET Time): Autoresponse from Security bot
October 25, 2013 at 8:22 PM (WET Time): First response from Security Team
November 5, 2013 at 22:46 AM (WET Time): Bounty Rewarded.
November 7, 2013: Vulnerability Fixed
You can see my name in Hall of Fame, and I promise, I'll be there more often ;). (http://www.google.com/about/ap
Sorry about my English :3
can give me google secuirity team email add
ReplyDeleteHow to play roulette online with real money - Drmcd
ReplyDeleteHow to play roulette online with real 남원 출장마사지 money · Play 양주 출장샵 the roulette game online 청주 출장샵 · Make your roulette wager on any number of points 밀양 출장마사지 · Take the advantage of 김천 출장마사지
Keeping pace with client developments, most modern-day sport builders adopt a mobile-first philosophy, making their games easily accessible on all major fashionable platforms. Leading provider Push Gaming’s complete repertoire, for instance, is optimised seamlessly for cell 1xbet on line casino play. Dive deep under sea in the palm of your hand with Razor Shark, or embark on a Polynesian journey in Tiki Tumble. Well, each time somebody stops by for a number of} spins, they provide us with invaluable snippets of information on their enjoying in} tendencies. Data regarding parameters like games played and average amount wagered is relayed to our quantity crunchers instantly, helping us build a snapshot of every individual participant.
ReplyDeleteYou can go for four fiat banking methods and four crypto methods. You by no means know what's coming your way, nevertheless it's always one thing good. 카지노 The authorized playing age in most US states is 21 but there are some exceptions. To find out the authorized playing age in your state, take a look at ourguide to playing ages right here. Make positive you find out whether on-line playing is authorized in your state and also what the authorized playing age before you play.
ReplyDeleteWhen the cell industry was hurting, there have been many successful firms in the console and PC sectors that actually had a tough time switching to it. Because it’s a unique format, it’s different actual property on your display, a unique gaming experience. So, even if you want to|if you wish to} play games for actual 메리트카지노 money on this web site on your smartphone, you’ll be fine. Aside from this generous welcome bonus, Punt Casino also presents a 15% day by day cashback and other day by day bonuses like free spins. In truth, you should use|you have to use} our unique bonus code PLAY200 to say a 200% match bonus on your first deposit and 50 free spins. Only the most effective from numerous respected on line casino software providers, corresponding to NetEnt, Pragmatic Play, Better Gaming, and Red Tiger Gaming.
ReplyDelete