Are you a security researcher and want to report an issue you discovered? Go to g.co/vulnz.
Did you know?
Around 90% of reports we receive describe issues that are not security vulnerabilities, despite looking like one. For example:
- I'm receiving e-mail messages addressed to another user with a similar name.
It's most likely a typo made by that other person (please note that bob.foo@gmail.com is actually the same account as bobfoo@gmail.com). Go ahead and read this article for an explanation, it's not a bug. - XSS in translate.googleusercontent.com or yourblog.blogspot.com
These are examples of sandbox domains created specifically to ensure that XSS there does not pose a risk to our users. It's not a vulnerability.
But there's more! If you're a security researcher, make sure to look at the list available on our Bughunter University before continuing.
-----------------------------------------------------------------------------------------------------------------------
Further resources:
- For information on how to protect yourself and your personal information, please visit our guide to staying safe online at https://www.google.com/goodtoknow/.
- To find answers to many common questions and concerns about privacy and user data related to any Google product or service, please visit our Privacy Troubleshooter.