From 8bacb080857dffe3982a453b181f9056e3d94568 Mon Sep 17 00:00:00 2001
From: SirBroccoli <carlospolop@gmail.com>
Date: Sun, 7 Dec 2025 12:15:37 +0100
Subject: [PATCH] Update gcp-firebase-privesc.md

---
 .../gcp-privilege-escalation/gcp-firebase-privesc.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-firebase-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-firebase-privesc.md
index 747098032..8f531e91a 100644
--- a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-firebase-privesc.md
+++ b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-firebase-privesc.md
@@ -127,8 +127,8 @@ A function is vulnerable when it is insecurely configured:
 
 Firebase HTTP Cloud Functions are exposed through URLs such as:
 
-- [https://<region>-<project-id>.cloudfunctions.net/<function-name>](https://<region>-<project-id>.cloudfunctions.net/<function-name>)
-- https://<project-id>.web.app/<function-name> (when integrated with Firebase Hosting)
+- `https://<region>-<project-id>.cloudfunctions.net/<function-name>`
+- `https://<project-id>.web.app/<function-name>` (when integrated with Firebase Hosting)
 
 An attacker can discover these URLs through source code analysis, network traffic inspection, enumeration tools, or mobile app reverse engineering.
 If the function is publicly exposed and unauthenticated, the attacker can invoke it directly without credentials.