Bug discovered on: 19th March 2017 Research time: 4:30 p.m to 7:00 p.m Earn more by display ads on blog with Lithific Ads The security flaw in this post is a combination of the first two Google Bugs which I posted on this blog. 4 months ago... I was actually trying to find the encrypted ID of the Google drive file where all the form responses are recorded and bypass "Limit to 1 response". In the end, I couldn't find the ID and ended up with the other. The vulnerabilities are: 1.) Leaking of the ID of file in Google Drive containing the form responses. 2.) Obtaining the email-id of the user with just 2 clicks. The vulnerabilities are tested on my test account. Here's how I found out... https://www.iconfinder.com/yaswanth-mangalagiri Want to get icons for app Development Here it's https://www.iconfinder.com/iconsets/movie-53 https://www.iconfinder.com/iconsets/office-504 https://www.iconfinder.com/iconsets/security-259 The below i
Hi ! I'm a Sofware Engineer, strive to exploit security flaws only on Tech giants, though all the time my attacks go into the graveyard 😕. Guitar🎸 | Bug Bounty🐞🤑 | Love life