Google( ClickJacking Vulnerability

Hi folks, 

This post is about one of my recent finding in which was acquire by google in 2016. So i was monitoring request and responses, i noticed the following endpoint which has X-frame-options response header missing as shown in the below image.<orgnization_name>/users/<user_email>

So i quickly visited the page and there is a option to remove the user as shown in the below image.

In this case if the attacker is inside the origination he can easily trick the administrator to remove other users. 

Working POC:


Response from the google

Sad story :p 
Thanks for reading ;) 


Popular posts from this blog

How I bypassed 2-Factor Authentication in a bug bounty program

Story of a JSON XSS