Given below is the video tutorial that shows how we can exploit the bug to Download Paid Extensions for free.
This was the email that I received from Google security team.
Hello,This bug still exists and it is not yet fixed even after 2 weeks after reporting the bug.
Thanks for the reporting this issue. We appreciate you taking the time to help us improve security.
We've taken a look and can confirm that this is a duplicate of an existing bug that we're already tracking. Unfortunately, this excludes the report from our reward program -- duplicate submissions don't qualify for reward or credit.
Best of luck in your future bug hunting.
Regards,
contact me using my Contact form. I hope Google security team will fix the bug as soon as possible. You can also contact me using my email address mr.dinesh.bhosale@gmail.com
Feel free to read about my other bug reports
- Chrome web store bug that allows you to download paid chrome extensions
- Lock your friend's accounts on Facebook
vulnerability is still not patched, video shows exploitation:
Given below is the video tutorial that shows how we can exploit the bug to Download Paid Extensions for free.
This was the email that I received from Google security team.
Hello,This bug still exists and it is not yet fixed even after 2 weeks after reporting the bug.
Thanks for the reporting this issue. We appreciate you taking the time to help us improve security.
We've taken a look and can confirm that this is a duplicate of an existing bug that we're already tracking. Unfortunately, this excludes the report from our reward program -- duplicate submissions don't qualify for reward or credit.
Best of luck in your future bug hunting.
Regards,
contact me using my Contact form. I hope Google security team will fix the bug as soon as possible. You can also contact me using my email address mr.dinesh.bhosale@gmail.com
Feel free to read about my other bug reports
- Chrome web store bug that allows you to download paid chrome extensions
- Lock your friend's accounts on Facebook
vulnerability is still not patched, video shows exploitation:
No Comment