Critical YouTube Flaw Leaks User Emails via Pixel Recorder
2025-02-12
A critical vulnerability in YouTube allows attackers to leak the email address of any YouTube user by exploiting the Google Pixel Recorder service. The attack chain involves first obtaining the user's obfuscated Gaia ID through YouTube's /get_item_context_menu endpoint. Then, by leveraging Pixel Recorder's sharing functionality and bypassing notification mechanisms, the attacker converts the Gaia ID into the email address. While the exploit requires a complex chain of steps, its impact is significant, resulting in a $10,500 bounty from Google.