He found a way to Hijack Private Google Docs Screenshots with a clever hack - Google paid him $4000

The Backend Engineering Show with Hussein Nasser

Episode | Podcast

Date: Sun, 24 Jan 2021 18:42:09 GMT

<p>A vulnerability in Google Feedback component in postMessage allowed this security researcher to find a way to hijack private screenshots &nbsp;&nbsp;https://blog.geekycat.in/google-vrp-hijacking-your-screenshots/ https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage</p>