BugCrowd Bug Bounty Disclosure: P5 - Dangerous RTLO Injection - By nt3c

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct at the time of posting.

Program

Program Information

asana

Program Details

Details

Additional Information

Priority: P5

It was possible to perform RTLO Injection (Right To Left Override Injection). This technique takes advantage of \u202E, a non-printing Unicode character that causes the text that follows it to be displayed in reverse it is commonly used to disguise a string and/or file name and/or url to make it appear benign and to bypass security defences.

Full Report (Source)

Submitted By

Submitter Information

Hacker Points: N/A
Hacker Accuracy: N/A
Hacker Rank: N/A

N/A

Submitter Profile

Tags: bug bounty, BugCrowd, OSINT

BugCrowd Bug Bounty Disclosure: P5 – Dangerous RTLO Injection – By nt3c

Program

Details

Submitted By

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Apple Releases Security Updates for Multiple Products

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA: Microsoft Releases May 2024 Security Updates

Program

Details

Submitted By

You may have missed

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Apple Releases Security Updates for Multiple Products

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA: Microsoft Releases May 2024 Security Updates