Hacker News new | ask | show | jobs
by reginaldo 4915 days ago
I recently found a pretty simple one on https://accounts.google.com/, which is arguably Google's most valued domain. I believe XSS is the most common vulnerability these days. One doesn't even have to be able to inject javascript per se. Only a CSS style is enough in many cases.
1 comments
TomAnthony 4915 days ago
The bounty for that page is ~$10k or such, no? Did you get anything?
link
reginaldo 4915 days ago
Actually it is $3133.7 (eleet). I got it, of course. The security team at Google is, simply put, awesome.
link