Vulnerability Google allowed to remove any site from the search index
A vulnerability in Google Webmaster Tools allowed you to remove any site from the index, even if you did not own it. This was possible due to inadequate verification of request parameters.
It seems that Google promptly patched the service, but it is noteworthy that the author who disclosed the vulnerability did not find a sane way to report this to Google. It is difficult to say or someone previously knew about the vulnerability and how many sites could be removed from the index.
A bug (or feature) was discovered by a man named James Breckenridge, which he writes about in his blog .
')
UPD. In the topic on hackernews talked about ways to report a bug in Google:
1 security@google.com
2 www.google.com/appserve/security-bugs/new
UPD2. According to the error reporting policy , James could earn a couple thousand dollars.
https://www.google.com/webmasters/tools/removals-request? hl
It seems that Google promptly patched the service, but it is noteworthy that the author who disclosed the vulnerability did not find a sane way to report this to Google. It is difficult to say or someone previously knew about the vulnerability and how many sites could be removed from the index.
A bug (or feature) was discovered by a man named James Breckenridge, which he writes about in his blog .
')
UPD. In the topic on hackernews talked about ways to report a bug in Google:
1 security@google.com
2 www.google.com/appserve/security-bugs/new
UPD2. According to the error reporting policy , James could earn a couple thousand dollars.
Source: https://habr.com/ru/post/124528/
All Articles