Bug discovered on: 1st May 2017 Research time: 10:30 a.m to 11:00 a.m The Google Document is having Google Keep for make notes. It is accessble through Tools menu's Keep notepad , which opens up Google Keep on the right hand side of the window. The notes could be deleted between clicks by tricking the user. May 1st 2017 : Bug reported. May 2nd 2017: Bug Triaged. May 5th 2017 : Bug filed for panel's evaluation. May 12th 2017: $500 reward issued ! The vulnerability is now fixed by removing the Delete and Add to document options if the document is embedded in any site and making it work only in docs.google.com.
Hi ! I'm a Sofware Engineer, strive to exploit security flaws only on Tech giants, though all the time my attacks go into the graveyard 😕. Guitar🎸 | Bug Bounty🐞🤑 | Love life