https://www.theverge.com/2017/10/31/16581006/google-bug-issue-tracker-vulnerability-report

Google has an internal platform called Google Issue Tracker that tracks a list of bugs and unpatched vulnerabilities, but that platform itself had a bug that allowed one security researcher to access anything on the list, reports Motherboard. This would have permitted someone to view all of Google’s requested features and unpatched bugs, potentially allowing hackers to exploit the information. Google has since patched the flaw.

Security researcher Alex Birsan was able to access that information by using a function that allows external researchers to unsubscribe from email lists about particular issues. Once unsubscribed, the system would then send details of the bug in a final response. The system assumed the user had permission in the first place, so Birsan found that if he unsubscribed from a particular list he had never actually subscribed to, he could still get details of different vulnerabilities. Birsan was able to see vulnerability reports along with “everything else” on the Issue Tracker.