{"id":4407,"date":"2023-12-03T19:03:36","date_gmt":"2023-12-03T19:03:36","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=4407"},"modified":"2023-12-06T10:59:35","modified_gmt":"2023-12-06T10:59:35","slug":"stored-xss-and-ssrf-in-google-using-dataset-publishing-language","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/","title":{"rendered":"Stored XSS and SSRF in Google using Dataset Publishing Language"},"content":{"rendered":"<div class=\"c7f5092f831f91fb6af859cc3a8052cc\" data-index=\"4\" style=\"float: none; margin:10px 0 10px 0; text-align:center;\">\n<script async src=\"https:\/\/securepubads.g.doubleclick.net\/tag\/js\/gpt.js\"><\/script>\r\n<script>\r\n  window.googletag = window.googletag || {cmd: []};\r\n  googletag.cmd.push(function() {\r\n    googletag.defineSlot('\/22608490431\/iklan1', [[320, 100], [300, 50]], 'div-gpt-ad-1696178236578-0').addService(googletag.pubads());\r\n    googletag.pubads().enableSingleRequest();\r\n    googletag.enableServices();\r\n  });\r\n<\/script>\r\n<!-- \/22608490431\/iklan1 -->\r\n<div id='div-gpt-ad-1696178236578-0' style='min-width: 300px; min-height: 50px;'>\r\n  <script>\r\n    googletag.cmd.push(function() { googletag.display('div-gpt-ad-1696178236578-0'); });\r\n  <\/script>\r\n<\/div>\n<\/div>\n<p><strong>$18337 XSS and SSRF Google Dataset &#8211; <\/strong>In 2018 \u00a0Security researcher [@signalchaos] uncovered critical vulnerabilities within Google&#8217;s Public Data Explorer, shedding light on of potential stored XSS attacks and SSRF exploits.<\/p>\n<p>The Dataset Publishing Language (DSPL), a core component of the Explorer&#8217;s functionality, was identified as the focal point for these security concerns.<\/p>\n<p>The vulnerability stems from the Google Public Data Explorer&#8217;s use of dataset metadata without implementing robust context-aware encoding or validation. Exploiting this flaw involves manipulating metadata values within a sample dataset, enabling threat actors to inject malicious JavaScript payloads.<\/p>\n<p>Specifically, by altering the name value in the dataset.xml file, attackers could execute arbitrary JavaScript within the secure confines of www.google.com.<\/p>\n<p>To emphasize the severity of the issue, a video proof-of-concept (POC) was provided, demonstrating the successful execution of a stored XSS attack on www.google.com (watch the video <a href=\"https:\/\/player.vimeo.com\/video\/258923005\" target=\"_blank\" rel=\"nofollow noopener\">here1<\/a> or <a href=\"https:\/\/vimeo.com\/258923005\" target=\"_blank\" rel=\"nofollow noopener\">here2<\/a>).<\/p>\n<p>The process entails crafting Dataset Publishing Language bundles, subtly manipulating metadata, and then publicly sharing the compromised dataset.<\/p>\n<p>&nbsp;<\/p>\n<h3>Lead to SSRF (port scan)<\/h3>\n<p>Moreover, DSPL&#8217;s functionality, designed to fetch data from remote sources, introduced a secondary threat. The researcher identified that this feature, if exploited, could lead to SSRF attacks, enabling threat actors to access local services.<\/p>\n<p>A crafted dataset.xml file exemplified this, attempting to retrieve data from <strong><em>ftp:\/\/0.0.0.0:22<\/em><\/strong>, which exposed the local SSH banner response\u2014a service not publicly accessible.<\/p>\n<p>&nbsp;<\/p>\n<h3>USD 18000 Total Bounty for XSS and SSRF Google Dataset<\/h3>\n<p>The researcher responsibly disclosed these vulnerabilities to Google in January 2018. By February of the same year, Google verified and promptly addressed the reported issues. Recognizing the gravity of the flaws, Google&#8217;s Vulnerability Rewards Program (Google VRP) awarded the researcher <strong>$5000<\/strong> for the stored XSS issue and an additional <strong>$13337<\/strong> for the SSRF vulnerability.<\/p>\n<p>This incident underscores the ongoing necessity for robust security measures in data visualization tools. Google&#8217;s proactive response reflects a commitment to fortifying the security of its Public Data Explorer, underscoring the broader industry&#8217;s continuous efforts to mitigate emerging cybersecurity threats. As digital landscapes evolve, vigilance and swift action remain paramount in safeguarding against potential exploits.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Link to read full write up:\u00a0<\/strong><a href=\"https:\/\/s1gnalcha0s.github.io\/dspl\/2018\/03\/07\/Stored-XSS-and-SSRF-Google.html\" target=\"_blank\" rel=\"nofollow noopener\"><em>here<\/em><\/a><\/p>\n<p><strong>Save the PDF<\/strong>\u00a0<a href=\"https:\/\/secry.me\/explore\/pdf-story\/SSRF\/Stored%20XSS,%20and%20SSRF%20in%20Google%20using%20the%20Dataset%20Publishing%20Language.pdf\"><em>here<\/em><\/a><\/p>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>$18337 XSS and SSRF Google Dataset &#8211; In 2018 \u00a0Security researcher [@signalchaos] uncovered critical vulnerabilities within Google&#8217;s Public Data Explorer, shedding light on of potential stored XSS attacks and SSRF exploits. The Dataset Publishing Language (DSPL), a core component of the Explorer&#8217;s functionality, was identified as the focal point for these security concerns. The vulnerability [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4415,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[136,110,120],"tags":[143,417,419,416,418,123],"class_list":{"0":"post-4407","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-bug-bounty","8":"category-ssrf","9":"category-xss","10":"tag-google","11":"tag-google-dataset","12":"tag-google-vrp","13":"tag-ssrf","14":"tag-xml","15":"tag-xss"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY<\/title>\n<meta name=\"description\" content=\"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google&#039;s Public Data Explorer, shedding light\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY\" \/>\n<meta property=\"og:description\" content=\"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google&#039;s Public Data Explorer, shedding light\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-03T19:03:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-06T10:59:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secryweb.sirv.com\/WP_secry.me\/2023\/12\/SSRF-Google-Dataset.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/a0dca9413073b143bfc0db687dd0b0d6\"},\"headline\":\"Stored XSS and SSRF in Google using Dataset Publishing Language\",\"datePublished\":\"2023-12-03T19:03:36+00:00\",\"dateModified\":\"2023-12-06T10:59:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/\"},\"wordCount\":367,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/SSRF-Google-Dataset.png\",\"keywords\":[\"google\",\"Google Dataset\",\"Google VRP\",\"SSRF\",\"XML\",\"xss\"],\"articleSection\":[\"Bug Bounty\",\"SSRF\",\"XSS\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/\",\"name\":\"Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/SSRF-Google-Dataset.png\",\"datePublished\":\"2023-12-03T19:03:36+00:00\",\"dateModified\":\"2023-12-06T10:59:35+00:00\",\"description\":\"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google's Public Data Explorer, shedding light\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/SSRF-Google-Dataset.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/SSRF-Google-Dataset.png\",\"width\":1280,\"height\":720,\"caption\":\"XSS and SSRF Google Dataset\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Stored XSS and SSRF in Google using Dataset Publishing Language\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/a0dca9413073b143bfc0db687dd0b0d6\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY","description":"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google's Public Data Explorer, shedding light","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/","og_locale":"en_US","og_type":"article","og_title":"Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY","og_description":"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google's Public Data Explorer, shedding light","og_url":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/","og_site_name":"SECRY","article_publisher":"https:\/\/www.facebook.com\/secry.me","article_published_time":"2023-12-03T19:03:36+00:00","article_modified_time":"2023-12-06T10:59:35+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2023\/12\/SSRF-Google-Dataset.png","type":"image\/png"}],"author":"Christin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Christin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#article","isPartOf":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/"},"author":{"name":"Christin","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/a0dca9413073b143bfc0db687dd0b0d6"},"headline":"Stored XSS and SSRF in Google using Dataset Publishing Language","datePublished":"2023-12-03T19:03:36+00:00","dateModified":"2023-12-06T10:59:35+00:00","mainEntityOfPage":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/"},"wordCount":367,"commentCount":0,"publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"image":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/12\/SSRF-Google-Dataset.png","keywords":["google","Google Dataset","Google VRP","SSRF","XML","xss"],"articleSection":["Bug Bounty","SSRF","XSS"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/","url":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/","name":"Stored XSS and SSRF in Google using Dataset Publishing Language | SECRY","isPartOf":{"@id":"https:\/\/secry.me\/explore\/#website"},"primaryImageOfPage":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#primaryimage"},"image":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/12\/SSRF-Google-Dataset.png","datePublished":"2023-12-03T19:03:36+00:00","dateModified":"2023-12-06T10:59:35+00:00","description":"$18337 XSS and SSRF Google Dataset - In 2018 \u00a0Security researcher uncovered critical vulnerabilities within Google's Public Data Explorer, shedding light","breadcrumb":{"@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#primaryimage","url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/12\/SSRF-Google-Dataset.png","contentUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2023\/12\/SSRF-Google-Dataset.png","width":1280,"height":720,"caption":"XSS and SSRF Google Dataset"},{"@type":"BreadcrumbList","@id":"https:\/\/secry.me\/explore\/stored-xss-and-ssrf-in-google-using-dataset-publishing-language\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/secry.me\/explore\/"},{"@type":"ListItem","position":2,"name":"Stored XSS and SSRF in Google using Dataset Publishing Language"}]},{"@type":"WebSite","@id":"https:\/\/secry.me\/explore\/#website","url":"https:\/\/secry.me\/explore\/","name":"SECRY","description":"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections","publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"alternateName":"Security Story","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/secry.me\/explore\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/secry.me\/explore\/#organization","name":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections","alternateName":"SECRY","url":"https:\/\/secry.me\/explore\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/","url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","contentUrl":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","width":512,"height":512,"caption":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections"},"image":{"@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/secry.me","https:\/\/pinterest.com\/secry_me"]},{"@type":"Person","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/a0dca9413073b143bfc0db687dd0b0d6","name":"Christin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","caption":"Christin"},"description":"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.","sameAs":["https:\/\/secry.me\/explore"],"url":"https:\/\/secry.me\/explore\/author\/secry\/"}]}},"_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=4407"}],"version-history":[{"count":9,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4407\/revisions"}],"predecessor-version":[{"id":4562,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4407\/revisions\/4562"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/4415"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=4407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=4407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=4407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}