Google persistent XSS vulnerability | Breaking Cybersecurity News | The Hacker News

Yesterday we have reported that How Bug Bounty programs can play unfair with hackers and researchers, where hackers are submitting their legitimate findings to companies and no surprise if they are getting replies that " Someone else already reported this, you are not eligible for Bounty ". But the main issue is, if companies are really aware about the issue , then why they have not fixed it yet ?  Today we are going to Talk about Google, that How a ignored vulnerability can be brilliantly crafted and exploited by Hackers for phishing users. On 11th September this year, I have reported a persistent XSS vulnerability in Google and reply from Google Security Team was," It seems the XSS you reported actually executes on one of our sandboxed domains (googleusercontent.com). The sandboxed domain does not contain any session cookies for google services, nor does it have access to any Google.com data " I said its okay if they are su...