Google SSO misconfiguration leading to Account Takeover
I’m a technical guy. However, this post doesn’t contain any technical details (but that’s because this bug doesn’t require any).
I need to admit it: finding this bug was pure luck.
No skill was involved at all.