An open project to list all publicly known cloud vulnerabilities and CSP security issues
Creative Commons Attribution 4.0 International
303
stars
61
forks
source link
[Contribution] CSWSH vulnerability in Google Cloud Shell’s code editor #235
Closed
korniko98 closed 11 months ago
Summary (give a brief description of the issue)
As part of the Google Vulnerability Reward Program (VRP) the researcher discovered that the code editor of the Cloud Shell was vulnerable to Cross-Site WebSocket Hijacking (CSWSH).
References (provide links to blogposts, etc.)
https://xn--9xa.fun/i/yvpMj