{"id":60463,"date":"2024-03-25T06:46:23","date_gmt":"2024-03-25T06:46:23","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=60463"},"modified":"2024-03-25T08:52:46","modified_gmt":"2024-03-25T08:52:46","slug":"xss-vulnerability-in-google-subdomain","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/","title":{"rendered":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions"},"content":{"rendered":"\n<p>Security researcher Henry N. Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain that allows hackers to perform various attacks, including session hijacking, phishing attacks, malware distribution, and data theft.<\/p>\n\n\n\n<p>This vulnerability gave bad actors an entry point and highlighted the importance of solid cybersecurity policies.<\/p>\n\n\n\n<p>Let&#8217;s get into the report.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>The Discovery<\/strong><\/h2>\n\n\n\n<p>During the investigation, he suspected that a URL associated with https:\/\/aihub.cloud.google.com might be vulnerable. His initial attempts to exploit the &#8216;q&#8217; parameter with various payloads were unsuccessful, but he eventually crafted a double-encoded payload that revealed the <a href=\"https:\/\/gbhackers.com\/xss-cross-site-scripting\/\" target=\"_blank\" rel=\"noreferrer noopener\">XSS vulnerability.<\/a><\/p>\n\n\n\n<p>Upon realizing the potential severity of the vulnerability, the researcher meticulously documented the process using Burpsuite and crafted a detailed report for Google&#8217;s security team. 
However, the initial report hit a snag when the Google team could not replicate the XSS pop-up.<\/p>\n\n\n\n<p>Undeterred, the researcher delved deeper, creating a bash script to repeatedly request the vulnerable URL, which confirmed the inconsistency of the vulnerability&#8217;s trigger.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEge1yL6dvu42WcleC2BLL8beDYBRVT2JcISa4Dzn0FPb3BKqaRc8kJUpvJdDugFp-0jv_Q-JNXhCUDa7nT7AZJaL3p7Y7itU_1lGzOJBCm8MHHBixHNxDoSygRFelBdTKGqv9NtOD6RyDlLTSGcLv8uWmr93Kfz3HKDBYfHmbMdgQf0w6dBIeTVdoE7DfyJ\/s16000\/BASH.webp\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Bash script<\/figcaption><\/figure>\n\n\n\n<p>While perusing Google&#8217;s subdomains, a particular URL sparked suspicion: <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>https:&#47;&#47;aihub.cloud.google.com\/url?q=https:\/\/cidadesmineradoras.com.br <\/code><\/pre>\n\n\n\n<p>Instinct suggested a potential flaw, prompting an investigation.  <\/p>\n\n\n\n<p>The researcher began testing various payloads on the &#8216;q&#8217; parameter, focusing on a favored XSS payload: <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\"&gt;&lt;SvG\/onload=alert(document.domain) id=hncaga&gt; <\/code><\/pre>\n\n\n\n<p>Despite encoding the payload to bypass potential filters, initial attempts were ineffective. <\/p>\n\n\n\n<p>Persistence led to double encoding the payload, a technique that, surprisingly, triggered the XSS vulnerability. 
<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgCUSSoU_lgEnNiw0VsNflUfZwqlh8OPSXFnK6I0rTE8pv9KbcLWDM1SlfgosKx3wcZpC-zBN5WOYPaonN2xb3gg6fkjlglpXo5DYcR8JEPCxMPYqmEAMuNe6kbVbklTUYG4uSoh5LcqL0LLwsCFLaAt5GUgu8F21aXJWF0lHQ8uQ5YTvjZ67fmwRsl5ekA\/s16000\/1_mFoTIHEkr4gBme5OpbEJ8g.webp\" alt=\"\"\/><\/figure>\n\n\n\n<p>The moment of success was captured via a Burpsuite-recorded video.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"XSS GOOGLE AIHUB\" width=\"696\" height=\"392\" src=\"https:\/\/www.youtube.com\/embed\/29hCunQoUS0?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>Further <a href=\"https:\/\/medium.com\/@hncaga\/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">investigation<\/a> revealed that the XSS vulnerability was not isolated to a single URL but affected all URLs from the aihub.cloud.google.com domain when the &#8216;q&#8217; parameter was appended. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-reporting-and-resolution\"><strong>Reporting and Resolution<\/strong><\/h2>\n\n\n\n<p>Adhering to responsible disclosure protocols, the researcher promptly reported the expanded findings to Google&#8217;s security team. 
<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEihACMU0_3VhfsRKyVuKfT5E0TVZH2cho0F6SR5MO728ZdPG6hanmZqX_nouuNFaERPzrJjghWO-4pPCTtcT3cCuixpedVa8FL5yOrucdRDjqNFC-r2VPPswuj0mz2c9jfvozI39VlodfZ0M9qfPWpqz5vmmUr55b4HA9svSC1hAR4PEQPeXSTooZ7FmDmX\/s16000\/wfww.webp\" alt=\"\"\/><\/figure>\n\n\n\n<p>The team responded quickly, upgrading the issue&#8217;s priority and severity levels and expressing appreciation for the &#8220;Nice Catch!&#8221; The researcher was rewarded $4,133.70, including a $1,000 bonus for their comprehensive report and proof of concept scripts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-the-impact\"><strong>The Impact<\/strong><\/h3>\n\n\n\n<p>The XSS vulnerability posed significant risks, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Session Hijacking<\/strong>: Attackers could have exploited the vulnerability to take over user sessions.<\/li>\n\n\n\n<li><strong>Phishing Attacks<\/strong>: The flaw could have facilitated the creation of phishing pages to deceive users.<\/li>\n\n\n\n<li><strong>Malware Distribution<\/strong>: Users could have been redirected to malware-laden sites.<\/li>\n\n\n\n<li><strong>Data Theft<\/strong>: Sensitive data like cookies and tokens were at risk of theft.<\/li>\n\n\n\n<li><strong>Reputation Damage<\/strong>: Such security lapses could harm Google&#8217;s reputation for secure services.<\/li>\n<\/ul>\n\n\n\n<p>The incident reminds us of the persistent need for robust cybersecurity measures, even within the infrastructure of technology leaders like Google. 
The collaborative efforts of users, developers, and security professionals are crucial in maintaining a secure online environment.<\/p>\n\n\n\n<p><strong>Acknowledgment<\/strong><\/p>\n\n\n\n<p>The researcher expressed gratitude to Google&#8217;s security team for their prompt and professional handling of the vulnerability, which ensured the continued protection of users worldwide. <\/p>\n\n\n\n<p>On March 15, 2024, the researcher received an update from the Google security team informing him that the vulnerability had been resolved. However, the site began returning a 502 error, which Google clarified was due to the deprecation of aihub and its migration to Vertex AI since January 2024. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researcher Henry N. Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain that allows hackers to perform various attacks, including session hijacking, phishing attacks, malware distribution, and data theft. This vulnerability gave bad actors an entry point and highlighted the importance of solid cybersecurity policies. 
[&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":60476,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp","fifu_image_alt":"XSS Vulnerability in Google Subdomain","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[10,9,25,53],"tags":[149,151,416],"class_list":{"0":"post-60463","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"category-cyber-attack","9":"category-google","10":"category-vulnerability","11":"tag-cyber-security","12":"tag-cyber-security-news","13":"tag-vulnerability"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.7.1 (Yoast SEO v25.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions<\/title>\n<meta name=\"description\" content=\"Security researcher Henry N. Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions\" \/>\n<meta property=\"og:description\" content=\"Security researcher Henry N. 
Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-25T06:46:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-25T08:52:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp\" \/><meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Balaji N\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/balaji_gbh\" \/>\n<meta 
name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Balaji N\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions","description":"Security researcher Henry N. Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/","og_locale":"en_US","og_type":"article","og_title":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions","og_description":"Security researcher Henry N. 
Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain.","og_url":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/","og_site_name":"Cyber Security News","article_publisher":"https:\/\/www.facebook.com\/Hackingtutorialsandnews","article_published_time":"2024-03-25T06:46:23+00:00","article_modified_time":"2024-03-25T08:52:46+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp","type":"","width":"","height":""},{"width":1600,"height":900,"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp","type":"image\/jpeg"}],"author":"Balaji N","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp","twitter_creator":"@https:\/\/twitter.com\/balaji_gbh","twitter_site":"@The_Cyber_News","twitter_misc":{"Written by":"Balaji N","Est. 
reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#article","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/"},"author":{"name":"Balaji N","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/0ad7770df28fe608567609e4ba1c4da2"},"headline":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions","datePublished":"2024-03-25T06:46:23+00:00","dateModified":"2024-03-25T08:52:46+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/"},"wordCount":125,"publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"image":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp?w=1600&resize=1600,900&ssl=1","keywords":["cyber security","cyber security news","vulnerability"],"articleSection":["Cyber Security","Cyberattack News","Google","Vulnerability"],"inLanguage":"en-US","copyrightYear":"2024","copyrightHolder":{"@id":"https:\/\/cybersecuritynews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/","url":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/","name":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User 
Sessions","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#primaryimage"},"image":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp?w=1600&resize=1600,900&ssl=1","datePublished":"2024-03-25T06:46:23+00:00","dateModified":"2024-03-25T08:52:46+00:00","description":"Security researcher Henry N. Caga has identified a significant cross-site scripting (XSS) vulnerability within a Google sub-domain.","breadcrumb":{"@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#primaryimage","url":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp?w=1600&resize=1600,900&ssl=1","contentUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp?w=1600&resize=1600,900&ssl=1","width
":"1600","height":"900","caption":"XSS Vulnerability in Google Subdomain"},{"@type":"BreadcrumbList","@id":"https:\/\/cybersecuritynews.com\/xss-vulnerability-in-google-subdomain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersecuritynews.com\/"},{"@type":"ListItem","position":2,"name":"XSS Vulnerability in Google Subdomain Let Hackers Hijacks the User Sessions"}]},{"@type":"WebSite","@id":"https:\/\/cybersecuritynews.com\/#website","url":"https:\/\/cybersecuritynews.com\/","name":"Cyber Security News","description":"World&#039;s #1 Premier Cybersecurity and Hacking News Portal","publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersecuritynews.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersecuritynews.com\/#organization","name":"Cyber Security News","url":"https:\/\/cybersecuritynews.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","contentUrl":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","width":200,"height":200,"caption":"Cyber Security News"},"image":{"@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hackingtutorialsandnews","https:\/\/x.com\/The_Cyber_News","https:\/\/www.linkedin.com\/company\/cybersecurity-news\/"]},{"@type":"Person","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/0ad7770df28fe608567609e4ba1c4da2","name":"Balaji 
N","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8075aac45cdbf0aae6572d8039978c587715d33d6b330539092189c91804f031?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8075aac45cdbf0aae6572d8039978c587715d33d6b330539092189c91804f031?s=96&d=mm&r=g","caption":"Balaji N"},"description":"BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief &amp; Co-Founder - Cyber Security News &amp; GBHackers On Security.","sameAs":["https:\/\/www.linkedin.com\/company\/cybersecurity-news\/","https:\/\/x.com\/https:\/\/twitter.com\/balaji_gbh"],"url":"https:\/\/cybersecuritynews.com\/author\/balaji\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgvnAcSZlQRQmX_Qjnvl7QLSnaVCBOgWQF4YT2UZnFjQf7bz61HFvnlz7w5-vkGtqSf9uF37Fts2gAYiSN9uHsYRmH4d7lvg_P7OCBYMuw4OWlM6dnnphCgrpOwAD3yqr6eADTCIBK8OQ56BlUn38mAa6H0hlUpU4Eok2v1CfkfXBgSmLBqcNF6pQMcUt1v\/s16000\/xss%20in%20google%20sub%20domain.webp?w=1600&resize=1600,900&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/60463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/comments?post=60463"}],"version-history":[{"count":8,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/60463\/revisions"}],"predecessor-version":[{"id":60494,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/60463\/revisions\/60494"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\
/wp-json\/wp\/v2\/media\/60476"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media?parent=60463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/categories?post=60463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/tags?post=60463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}