May 4, 2013 · ClickJacking Google Bug Bounty VRP CSRF

Google Website Translator (Add Editor) CSRF and Google Tasks Clickjacking

I'd like to share some of my Google bugs.

1.Google Website Translator CSRF (Add Editor)

Allowed me to become an Editor on someone's Google Website Translator Service.

The page had CSRF Protection, but the CSRF token check was skipped on server side.

Video POC:

2.Google Tasks (Part of Gmail) Clickjacking

Found a clickjacking issue in Google Tasks (Gmail), I was able to add arbitrary tasks in users' task list. The affected page was missing X-FRAME-OPTIONS header.

Video POC: