Security researcher exploits bug to access Google’s issue-tracking system
Google has an inner stage called Google Issue Tracker that tracks a rundown of bugs and unpatched vulnerabilities, yet that stage itself had a bug that enabled one security analyst to get to anything on the rundown, reports Motherboard. This would have allowed somebody to see the greater part of Google’s asked for highlights and unpatched bugs, possibly enabling programmers to misuse the data. Google has since fixed the blemish.
Security scientist Alex Birsan could get to that data by utilizing a capacity that enables outer analysts to withdraw from email records about specific issues. Once withdrew, the framework would then send subtle elements of the bug in a last reaction. The framework accepted the client had authorization in any case, so Birsan found that in the event that he withdrew from a specific rundown he had never really subscribed to, he could in any case get points of interest of various vulnerabilities. Birsan could see powerlessness reports alongside “everything else” on the Issue Tracker.http://blogs.top4webhosting.com/2017/10/31/security-researcher-exploits-bug-access-googles-issue-tracking-system/http://blogs.top4webhosting.com/wp-content/uploads/2017/10/google-logo-stock-31_2040.0.0-1-1024x683.jpghttp://blogs.top4webhosting.com/wp-content/uploads/2017/10/google-logo-stock-31_2040.0.0-1-150x150.jpgSocial Media