|
|
|
|
|
|
by adobkin
4662 days ago
|
|
|
This type of vulnerability can be used to aid phishing attacks but it cannot be directly exploited by an attacker to obtain or modify user data. Phishing attacks are not listed as qualifying in the Program Rules http://www.google.com/about/appsecurity/reward-program/ although they are evaluated as security issues on a case by case basis. In this case a bug was filed, but it took some prodding to get it fixed. |
|
|