Back to directory

WRITEUP #3127

Bypassing Identity-Aware Proxy - Google Cloud Vulnerability

OAuthBroken authorizationToken leak

bySebLu

Bounty

5,000

Program

Google

Published

Dec 30, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.seblu.de/2021/12/iap-bypass.html

▸ RELATED WRITEUPS

CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)

RCEForced browsing

How I Got $250 For My Second Bug on HackerOne

OAuthSession expiration issue

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

AI Under Siege: Discovering and Exploiting Vulnerabilities

Stealing First Party Access Token of Facebook Users: Meta Bug Bounty

OAuthAccount takeover

Built with ❤️ by Shubham Rawat