WRITEUP #4376

My first bug in google and how i got CSRF token for victim account rather than bypass it ($1337)!

CSRF

byOday Alhalbe

Bounty

1,337

Program

Google

Published

Sep 7, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/@odayalhalbe1/my-first-bug-in-google-and-how-i-got-csrf-token-for-victim-account-rather-than-bypass-it-1337-bf01261feb47

▸ RELATED WRITEUPS

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Vulnerabilities in Homepage Dashboard

RCESSRF

AI Under Siege: Discovering and Exploiting Vulnerabilities

AI / LLMAI

How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty

XSSCSRF

Built with ❤️ by Shubham Rawat