Google Docs XSS

I recently found a cross-site scripting (XSS) vulnerability within Google Docs (spreadsheets).

The document name (docName) was the vulnerable parameter. The XSS worked in every major browser.

[Screenshots: the spreadsheet name XSS in Burp; the XSS in Chrome, Firefox and IE]

Timeline:

  • 12.12.2015 vulnerability discovered
  • 12.12.2015 bug reported to Google
  • 14.12.2015 nice catch
  • 14.12.2015 fixed