Back to directory
WRITEUP #4420

How I was able to send Authentic Emails as others — Google VRP [Resolved]

Logic BugLogic flawHTML injectionEmail spoofingOpen mail relay
by@sriramoffcl(Sriram Kesavan)
Program
Google
Published
Aug 15, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/bugbountywriteup/how-i-was-able-to-send-authentic-emails-as-others-google-vrp-resolved-2af94295f326
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
500$ From Meta by reporting a HTMLi(Accidental Bug)
OtherHTML injection
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Access
SSRFHTML injection

Built with ❤️ by Shubham Rawat