Bug discovered on :1st May 2017 Research time: 10:30 a.m. -11:00 a.m. The comments section of Google Docs is vulnerable to clickjacking. Attacker can make the victim to... a. Change the comment notifications. b. Delete the comments 29th May 2017: Bug reported 2nd June 2017 : Bug filed for Panel's evaluation 21st June 2017 : $500 reward issued. Both the bugs are fixed by disabling the Notications and Delete on comments.
Hi ! I'm a Sofware Engineer, strive to exploit security flaws only on Tech giants, though all the time my attacks go into the graveyard 😕. Guitar🎸 | Bug Bounty🐞🤑 | Love life