Vulnerability Summary
HackerOne disclosed report --> https://hackerone.com/reports/881118 by avielt
NOTE! Thanks for submitting a report! In order to make triage of vulnerabilities as streamlined as possible, please provide as much detail as possible. We have created a simple template which will aid in the submission process:
Summary: [add summary of the vulnerability]: Badly configured Google Maps API allows anyone to perform financial damage to Glassdoor by performing queries which cost Glassdoor thousands of dollars and more.
Affected URL or select Asset from In-Scope: https://www.glassdoor.com/jobs-ux-app/static/js/dist/jobSearch.bundle.js?v=9e1a1feryy Affected Parameter: Google's API key - AIzaSyAzyn67z-olqQZ0QBxFkCu71r_dMZ000wo which was not configured securely Vulnerability Type: Violation of Secure Design Principles Browsers tested: Not relevant for the report.
No comments yet.
Be the first to share your thoughts
Log in to join the discussion.
Sign In