
Common Google XSS


A simple XSS in Google application

The article is about an SSRF vulnerability in the Google website https://toolbox.googleapps.com, so I started researching this site. In Google search I also spotted a result that has the title "Verify that you own example.com", with this link: https://toolbox.googleapps.com/apps/recovery/ownership?domain=example.com&email=email@example.com&case=45500368&continue=/apps/recovery/... The server apparently just verifies that the email matches the domain, then presents a page with some thank-you text and a continue button:
