Kategoriler
Vulnerability

Part (2) WRITE UP – [Google VRP ] GOOGLE BUG BOUNTY: AngularJS XSS Console Cloud Google Transfer on-premises jobs

Hi

Two days before the end of 2020

I will tell you about the XSS problem of transfer internal work in google cloud.

Steps to reproduce

Google cloud account logged in

Transfer on-premises jobs were visited during research

https://console.cloud.google.com/transfer/on-premises/jobs?project= (id)

I created a transfer job on that page

pOC video

XSS load has been entered in the places that appear in the pOC video

I renewed the browser page I am using

The End!

Report Timeline

Nov 20, 2020: Sent the report to Google VRP

Nov 20, 2020: Got a message from google that the bug was triaged

Nov 20, 2020: Bug Accepted

Nov 20, 2020:
Hi,

🎉 Nice catch! I’ve filed a bug based on your report.

The panel will evaluate it at the next VRP panel meeting and we’ll update you once we’ve got more information. All you need to do now is wait. If you don’t hear back from us in 2-3 weeks or have additional information about the vulnerability, let us know!

Regards,
P…, Google Security Team

Dec 1, 2020: $ bounty awarded Fixed by Google

Dip Not: This report Everything was like a short movie based on half an hour 🙂

Thanks Google Web Security Team!