Home Hacking News Google Award $10K Bounty For Google Maps Bug And Patch Bypass
Hacking NewsLatest Cyber Security News | Network Security HackingNewsVulnerabilities

Google Award $10K Bounty For Google Maps Bug And Patch Bypass

by Abeerah Hashim
written by Abeerah Hashim
Google Maps bug

A serious XSS vulnerability was discovered in Google Maps. Upon report, Google originally patched the vulnerability, however it was later discovered that the fix was trivial to bypass and as such Google had to issue second fix.

Google Maps XSS Bug

Security researcher and Head of Application Security at Wix, Zohar Shachar, discovered a critical bug affecting Google Maps. Specifically, he found a cross-site scripting (XSS) vulnerability affecting the export feature of Google Maps.

Sharing the details in his blog post, he revealed that it was possible to manipulate this feature that would lead to XSS.

In brief, users can export the map after creation in any format. One such format is KML (similar to XML). While exporting KML, the map name is contained in a CDATA, and thus, the browser won’t render the code. Nonetheless, it was possible to close the CDATA. As stated in the post,

I found that by adding special chars, you can ‘close’ the CDATA tag. Specifically, by adding ‘]]>’ at the beginning of your payload (I.e. as the beginning of the ‘map name’), you can escape from the CDATA and add arbitrary XML content (which will be rendered as XML) – leading immediately to XSS.

Upon discovering the bug last year (in 2019), he reported it to Google following which, he won a $5000 bounty.

Bounty For Reporting Patch Bypass

While Google, alongside awarding a bounty, deployed a fix, Shachar noticed that it was possible to bypass the patch. Specifically, he found that Google simply fixed the issue by another CDATA tag.

So, the problem still persisted as it was possible to close the two CDATA tags.

Hence, he again reached out to Google to report the matter.

Once again, Google not only acknowledged the flaw, but also awarded another $5000 bounty.

So, in all, he won $10000 for reporting the bug and the subsequent patch bypass.

Following this experience, he urges the security community to revalidate fixes.

Ever since this Google-maps fix bypass incident I started to always re-validate fixes, even for simple things, and it has been paying off. I full heartedly encourage you to do the same.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses