He found a way to Hijack Private Google Docs Screenshots with a clever hack - Google paid him $4000 - podcast episode cover

He found a way to Hijack Private Google Docs Screenshots with a clever hack - Google paid him $4000

The Backend Engineering Show with Hussein Nasser
Jan 24, 202111 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

A vulnerability in Google Feedback component in postMessage allowed this security researcher to find a way to hijack private screenshots   https://blog.geekycat.in/google-vrp-hijacking-your-screenshots/ https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage

For the best experience, listen in Metacast app for iOS or Android