Tuesday, August 20, 2013

Google Security Vulnerability Discovered - Responsibly Disclosed

About a month ago I stumbled upon a vulnerability in one of Google's services and reported it to their security team. In less than 48 hours they had quickly addressed the issue and validated it's legitimacy and importance. I was quite impressed by how fast they were able to reply to my email and was glad to see how serious they took the issue. Well done. Here is the link to their hall of fame list


  1. Great, but what did you find ? xss,sqlinj,rce or what :)

    best regards

  2. Thanks, it was a stored xss on a non-integrated acquisition.