Google Drive integration errors created SSRF flaws in multiple applications


According to bug bounty hunter Harsh Jaiswal in a GitHub post, this includes Dropbox’s digital signature tool, HelloSign, but “by far the finest” SSRF was achieved via CRLF and request pipelining in another, unnamed application.

Researchers were able to compel HelloSign to parse external JSON data using an extra parameter in the Google Drive API, resulting in an SSRF attack.

Read More…