Charlie Osborne reports:
Google has awarded $10,000 to a high school student for the discovery of a bug in Google’s App Engine server which could lead to information disclosure.
This week, Ezequiel Pereira said in a blog post that he went bug hunting on July 11 simply due to boredom, and after several failed attempts, stumbled upon a way to change the Host Header in requests to the App Engine server without authentication.
Read more on ZDNet.