4/27/2012

Ethiopia gets a new school - thanks to a XSS in Google+

Update 04/29/12: This blog post leads to a persistent XSS bug within InformationWeek.com (screenshot), because Charlie Miller has tweeted about it. (The third paragraph contains a XSS vector) :-)
Update 05/02/12: InformationWeek has fixed the issue.

I contribute to the Google Vulnerability Reward Program now since November 2010 and I found a lot of security bugs in nearly all major Google applications. This month I found two different persistent XSS vulnerabilities in Google+. One of these I want to disclose here because that bug hopefully makes the life of some childrens a bit better.

My testing Google+ profile is named "><img src=x onerror=prompt(1);> and if this users has more than 6 public photo albums the name wasn't escaped on the profile page. The screenshot shows the bug in action.


The Google Security Team responded very fast and delivered a valid fix to production after some hours. For this vulnerability I got a reward of $1,000 USD. From three other minor bugs I got $300 USD. Some notes and background information about the threats of HTML injections can be found here.


I decided to donate all the money to a school project in Welkite (Ethiopia). 
From the Project Manager of Bessere Zukunft e.V. about that school:
"At this school there is a lack of fundamental supply with water, toilets and electricity. Because there are barely any educational books, school materials and furniture (see photos), sufficient school education isn’t possible.
Welkite is 180 km away from capital city Addis Ababa. At this elementary school approximately 750 children go to grade one to eight. The classrooms have not enough room and benches to sit for the 80 children per grade. Often four to five children have to share a seating bench. Most of the children have to walk 45 minutes to one hour to get to school. At this school there is no access to water, electricity and enough adequate toilets."

If you decide to donate the money from Google to charity Google doubles the rewards! So I'm able to donate

$2,600 USD

to this project. Google has made the donation for me via Betterplace.


There is another school project from Bessere Zukunft e.V. in East Africa. Do you want to donate too? Do it here.


Thanks so much to the Google Security Team who made this possible!