Are you a security researcher and want to report an issue you discovered? Go to g.co/vulnz.
Did you know?
Around 90% of reports we receive describe issues that are not security vulnerabilities, despite looking like one. For example:
- I'm receiving e-mail messages addressed to another user with a similar name.
It's most likely a typo made by that other person (please note that bob.foo@gmail.com is actually the same account as bobfoo@gmail.com). Go ahead and read this article for an explanation, it's not a bug. - XSS in translate.googleusercontent.com or yourblog.blogspot.com
These are examples of sandbox domains created specifically to ensure that XSS there does not pose a risk to our users. It's not a vulnerability. - And there's lots more! If you are a security researcher, make sure to look at the articles on "Invalid reports" available on our Bug Hunter University before reporting an issue.
Further resources:
- For information on protecting yourself and your personal information, please visit our Safety Center for tips on staying safe online.
- To find answers to many common questions and concerns about privacy and user data related to any Google product or service, please visit our Privacy Help Center.