Back to directory

WRITEUP #1085

googlesource.com access_token leak (Awarded $7500)

OtherURL validation bypassRegexToken leak

by@ndevtk(NDevTK)

Bounty

$7,500

Program

Google

Published

Jun 11, 2023

Added to HackDex

Jun 12, 2023

Read Full Writeuphttps://ndevtk.github.io/writeups/2023/06/11/googlesource/

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Part 2: From Byovdll To Arbitrary Code Execution In Lsass

OtherUse-After-Free

Built with ❤️ by Shubham Rawat