This write-up is a part of a series of write-ups about the bugs Sivanesh and I found in Google Cloud in 2022. While exploring Google Cloud’s Vertex AI Workbench, we noticed that we could create a workbench with Theia. Theia is the IDE

This write-up is a part of a series of write-ups about the bugs I and Sivanesh found in Google Cloud in 2022. Google Cloud offers Vertex AI, which lets you build, deploy and scale machine learning models. In addition to various other features, Vertex

Brief: I was able to hijack Google Docs screenshot of any document exploiting postmessage misconfiguration and a browser behavior. Google have a feature called "Send Feedback" in most of their product. As the name suggests it helps Google to get feedback from users when

Brief: On 04/11/2020, BugPoc released a XSS challenge on their twitter handle. This writeup explains about the successful exploitation of XSS, bypassing various security implementation. Challenge URL:  https://wacky.buggywebsite.com/ On visiting the URL you will find the following content: Inputting