Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

HackerOne: Search query text, including from potentially undisclosed reports, sent to Google Analytics on Inbox query page

🗓️ 19 Oct 2017 20:52:36Reported by holvonix-advayType 
hackerone
 hackerone🔗 hackerone.com👁 17 Views

Search query text sent to Google Analytics on Inbox page can potentially disclose private vulnerabilities, PII, and undisclosed reports for a company. Mitigation involves client-side redaction

Show more

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Oct 2017 20:36Current
6.5Medium risk
Vulners AI Score6.5
google analyticsinboxprivate vulnerabilitiesundisclosed reportspiiredactionclient-sidemitigation
17
.json
Report