Closed korniko98 closed 8 months ago
The researcher managed to bypass one of the main security boundaries in the “Open in Cloud Shell” feature from the Google Cloud Shell and discovered that it could be abused to access the user’s GCP resources.
https://docs.google.com/document/d/1-TTCS6fS6kvFUkoJmX4Udr-czQ79lSUVXiWsiAED_bs/edit#heading=h.p3l0lr3qhjty
Summary (give a brief description of the issue)
The researcher managed to bypass one of the main security boundaries in the “Open in Cloud Shell” feature from the Google Cloud Shell and discovered that it could be abused to access the user’s GCP resources.
References (provide links to blogposts, etc.)
https://docs.google.com/document/d/1-TTCS6fS6kvFUkoJmX4Udr-czQ79lSUVXiWsiAED_bs/edit#heading=h.p3l0lr3qhjty