by Julien Ahrens | Wednesday, March 1, 2017 | Advisory, Bug Bounty
In late January, I have found and reported a Server-Side Request Forgery (SSRF) vulnerability on toolbox.googleapps.com to Google’s VRP, which could be used to discover and query internal Google DNS servers to extract all kinds of corporate...