Acknowledgement from groklearning.com for disclosing a security vulnerability

Some time ago I’ve been testing the security of groklearning.com - a platform for online education using Python.

While doing that I stumbled upon a security vulnerability which lead to getting me shell access to one of the nodes in the groklearning.com cluster.

After discovering the vulnerability I’ve been working with the Security Team at groklearning.com in order to identify the root cause and eventually patch the security hole.

By doing that I got acknowledgement from groklearning.com for responsibly disclosing a security vulnerability :)

_config.yml

If you would like to read more about the security vulnerability which lead to shell access, please check this article which contains details about the security issue and the attack itself.

Written on April 6, 2014