bug-bounty504
google358
xss310
microsoft301
facebook265
rce221
exploit213
malware168
apple164
cve142
account-takeover116
bragging-post102
privilege-escalation98
csrf92
phishing86
browser80
writeup78
supply-chain69
authentication-bypass69
dos68
stored-xss65
ssrf57
reflected-xss57
reverse-engineering55
react54
access-control52
aws49
input-validation49
cross-site-scripting48
docker47
cloudflare47
lfi47
web-security46
node46
ctf45
sql-injection45
smart-contract45
ethereum44
web-application44
web343
defi43
oauth43
race-condition40
open-source39
auth-bypass39
pentest39
cloud38
idor37
burp-suite36
info-disclosure36
0
7/10
vulnerability
A Local File Inclusion (LFI) vulnerability was discovered in Apigee portals where the SCSS @import directive could be abused to read arbitrary files on the server by referencing paths like /etc/shadow, with compilation errors exposing file contents. The vulnerability was patched by Google shortly after disclosure through their VRP.
Apigee
Google
Google VRP
Drupal 7
healthapix.apigee.io
sass-lang.com