Bug Bounty

Bug Bounty

BugCrowd Bug Bounty Disclosure: – – By Orange_hacker

May 1, 2024

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – – By Renwa

May 1, 2024

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – – By mmmdspl

May 1, 2024

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

HackerOne Bug Bounty Disclosure: attachment-disclosure-via-summary-report-xklepxn

April 29, 2024

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:xklepxnLink to Submitters Profile:https://hackerone.com/xklepxn Report Title:Attachment disclosure via summary report Report Link:https://hackerone.com/reports/2442008Date...

HackerOne Bug Bounty Disclosure: cve-apache-airflow-authentication-bypass-when-legacy-openid-is-in-use-as-auth-type-parantheses

April 28, 2024

Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:paranthesesLink to Submitters Profile:https://hackerone.com/parantheses Report Title:CVE-2024-25128: Apache Airflow: Authentication Bypass...

HackerOne Bug Bounty Disclosure: cve-potential-regular-expression-denial-of-service-in-django-utils-text-truncator-words-scyoon

April 28, 2024

Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:scyoonLink to Submitters Profile:https://hackerone.com/scyoon Report Title:CVE-2024-27351: Potential regular expression denial-of-service...

HackerOne Bug Bounty Disclosure: jira-credential-disclosure-within-mozilla-slack-griffinf

April 23, 2024

Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:griffinfLink to Submitters Profile:https://hackerone.com/griffinf Report Title:Jira Credential Disclosure within Mozilla SlackReport Link:https://hackerone.com/reports/2467999Date...

HackerOne Bug Bounty Disclosure: rxss-in-hidden-parameter-hassan-sheet

April 23, 2024

Company Name: IBM Company HackerOne URL: https://hackerone.com/ibm Submitted By:hassan_sheetLink to Submitters Profile:https://hackerone.com/hassan_sheet Report Title:RXSS in hidden parameterReport Link:https://hackerone.com/reports/2090964Date Submitted:23 April...

HackerOne Bug Bounty Disclosure: adobe-experience-manager-childlist-selector-cross-site-scripting-on-cbconnection-stage-adobe-com-renzi

April 22, 2024

Company Name: Adobe Company HackerOne URL: https://hackerone.com/adobe Submitted By:renziLink to Submitters Profile:https://hackerone.com/renzi Report Title:Adobe Experience Manager 'Childlist selector' - Cross-Site...

HackerOne Bug Bounty Disclosure: cleartext-transmission-of-password-via-email-tuannq-gg

April 22, 2024

Company Name: Sheer Company HackerOne URL: https://hackerone.com/sheer_bbp Submitted By:tuannq_ggLink to Submitters Profile:https://hackerone.com/tuannq_gg Report Title:Cleartext Transmission of password via EmailReport Link:https://hackerone.com/reports/2337938Date...

HackerOne Bug Bounty Disclosure: docker-secret-disclosure-via-github-actions-cache-poisoning-adnanthekhan

April 20, 2024

Company Name: Hyperledger Company HackerOne URL: https://hackerone.com/hyperledger Submitted By:adnanthekhanLink to Submitters Profile:https://hackerone.com/adnanthekhan Report Title:Docker Secret Disclosure via GitHub Actions Cache...

HackerOne Bug Bounty Disclosure: unprotected-atlantis-server-at-hxxps-fo-x

April 11, 2024

Company Name: 8x8 Company HackerOne URL: https://hackerone.com/8x8 Submitted By:fo00xLink to Submitters Profile:https://hackerone.com/fo00x Report Title:Unprotected Atlantis Server at hXXps://15270Report Link:https://hackerone.com/reports/2223041Date Submitted:11...

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

April 11, 2024

Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:maxdhaLink to Submitters Profile:https://hackerone.com/maxdha Report Title:#2 XSS on watchdocsindriverappcomReport Link:https://hackerone.com/reports/2015074Date Submitted:11 April...

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

April 11, 2024

Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:maxdhaLink to Submitters Profile:https://hackerone.com/maxdha Report Title:#3 XSS on watchdocsindriverappcomReport Link:https://hackerone.com/reports/2028265Date Submitted:11 April...

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

April 11, 2024

Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:maxdhaLink to Submitters Profile:https://hackerone.com/maxdha Report Title:#1 XSS on watchdocsindriverappcomReport Link:https://hackerone.com/reports/2014955Date Submitted:11 April...

HackerOne Bug Bounty Disclosure: reflected-xss-on-pangle-endpoint-m-x

April 5, 2024

Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:m7xLink to Submitters Profile:https://hackerone.com/m7x Report Title:Reflected XSS on Pangle Endpoint Report Link:https://hackerone.com/reports/2352968Date...

HackerOne Bug Bounty Disclosure: -portswigger-net-path-traversal-al-cms-audioitems–xd-m

April 4, 2024

Company Name: PortSwigger Web Security Company HackerOne URL: https://hackerone.com/portswigger Submitted By:0xd0m7Link to Submitters Profile:https://hackerone.com/0xd0m7 Report Title:net] Path Traversal al /cms/audioitemsReport...

HackerOne Bug Bounty Disclosure: using-branded-hashtag-feature-user-partnered-with-account-manager-can-view-videos-uploaded-by-a-private-tiktok-account-if-item-id-is-known-dxcoder

April 3, 2024

Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:dxcoderLink to Submitters Profile:https://hackerone.com/dxcoder Report Title:Using Branded Hashtag Feature User Partnered with...

HackerOne Bug Bounty Disclosure: usage-of-disabled-protocol-in-curl-dfandrich

March 29, 2024

Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:dfandrichLink to Submitters Profile:https://hackerone.com/dfandrich Report Title:Usage of disabled protocol in...

HackerOne Bug Bounty Disclosure: cookie-is-sent-on-redirect-iylz

March 28, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:iylzLink to Submitters Profile:https://hackerone.com/iylz Report Title:cookie is sent on redirectReport Link:https://hackerone.com/reports/2352676Date Submitted:28...

HackerOne Bug Bounty Disclosure: new-hacktivity-features-bounty-rewards-leakage-where-programs-doesnt-decide-to-disclose-bounty-in-limited-disclosure-report-nitsec

March 28, 2024

Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:nitsec7Link to Submitters Profile:https://hackerone.com/nitsec7 Report Title:New Hacktivity features:Bounty rewards leakage Where programs...

HackerOne Bug Bounty Disclosure: xss-in-gocd-analytics-plugin-redyetihacks

March 27, 2024

Company Name: GoCD Company HackerOne URL: https://hackerone.com/gocd Submitted By:redyetihacksLink to Submitters Profile:https://hackerone.com/redyetihacks Report Title:XSS in GOCD Analytics PluginReport Link:https://hackerone.com/reports/2433634Date Submitted:27...

HackerOne Bug Bounty Disclosure: cve-quic-certificate-check-bypass-with-wolfssl-fullmetal

March 27, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:fullmetal5Link to Submitters Profile:https://hackerone.com/fullmetal5 Report Title:CVE-2024-2379: QUIC certificate check bypass with wolfSSLReport...

HackerOne Bug Bounty Disclosure: cve-usage-of-disabled-protocol-dfandrich

March 27, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:dfandrichLink to Submitters Profile:https://hackerone.com/dfandrich Report Title:CVE-2024-2004: Usage of disabled protocolReport Link:https://hackerone.com/reports/2384833Date Submitted:27...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – – By Orange_hacker

BugCrowd Bug Bounty Disclosure: – – By Renwa

BugCrowd Bug Bounty Disclosure: – – By mmmdspl

HackerOne Bug Bounty Disclosure: attachment-disclosure-via-summary-report-xklepxn

HackerOne Bug Bounty Disclosure: cve-apache-airflow-authentication-bypass-when-legacy-openid-is-in-use-as-auth-type-parantheses

HackerOne Bug Bounty Disclosure: cve-potential-regular-expression-denial-of-service-in-django-utils-text-truncator-words-scyoon

HackerOne Bug Bounty Disclosure: jira-credential-disclosure-within-mozilla-slack-griffinf

HackerOne Bug Bounty Disclosure: rxss-in-hidden-parameter-hassan-sheet

HackerOne Bug Bounty Disclosure: adobe-experience-manager-childlist-selector-cross-site-scripting-on-cbconnection-stage-adobe-com-renzi

HackerOne Bug Bounty Disclosure: cleartext-transmission-of-password-via-email-tuannq-gg

HackerOne Bug Bounty Disclosure: docker-secret-disclosure-via-github-actions-cache-poisoning-adnanthekhan

HackerOne Bug Bounty Disclosure: unprotected-atlantis-server-at-hxxps-fo-x

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

HackerOne Bug Bounty Disclosure: -xss-on-watchdocs-indriverapp-com-maxdha

HackerOne Bug Bounty Disclosure: reflected-xss-on-pangle-endpoint-m-x

HackerOne Bug Bounty Disclosure: -portswigger-net-path-traversal-al-cms-audioitems–xd-m

HackerOne Bug Bounty Disclosure: using-branded-hashtag-feature-user-partnered-with-account-manager-can-view-videos-uploaded-by-a-private-tiktok-account-if-item-id-is-known-dxcoder

HackerOne Bug Bounty Disclosure: usage-of-disabled-protocol-in-curl-dfandrich

HackerOne Bug Bounty Disclosure: cookie-is-sent-on-redirect-iylz

HackerOne Bug Bounty Disclosure: new-hacktivity-features-bounty-rewards-leakage-where-programs-doesnt-decide-to-disclose-bounty-in-limited-disclosure-report-nitsec

HackerOne Bug Bounty Disclosure: xss-in-gocd-analytics-plugin-redyetihacks

HackerOne Bug Bounty Disclosure: cve-quic-certificate-check-bypass-with-wolfssl-fullmetal

HackerOne Bug Bounty Disclosure: cve-usage-of-disabled-protocol-dfandrich

CVE Alert: CVE-2025-3867

CVE Alert: CVE-2025-46617

CVE Alert: CVE-2025-46616

CVE Alert: CVE-2025-3868

CVE Alert: CVE-2025-3866

You may have missed