Bug in Google Bug Hunters

 

I recently participated in the Google Vulnerability Report Program, where I submitted two separate issues and provided a proof of concept demonstrating how Google APIs could be easily exploited with a simple script.

After a five-day review, the Google team closed both reports, stating that the issues might not be severe enough to be considered abusive. I respectfully disagree with their assessment, as even minor vulnerabilities can potentially escalate into significant security risks if left unaddressed.

That’s not my main concern though. I was mistakenly awarded the Dragon award!

 

 This amusing glitch in the Google bug hunter system might be the real vulnerability here 🤣.

Disclaimer: This post is just for a light sense of humor, and I will not disclose any details of the vulnerabilities I found.