HackerOne Bug Bounty Disclosure: redos-in-time-rfc2822byooooooo_q
Programme HackerOne Ruby Ruby Submitted by ooooooo_q ooooooo_q Report ReDoS in Time.rfc2822 Full Report A considerable amount of time...
Bug Bounty
HackerOne Bug Bounty Disclosure: connect-8×8-com:-blind-ssrf-via-/api/v2/chats/image-check-allows-for-internal-ports-scanbyyassinek3ch
Programme HackerOne 8x8 Bounty 8x8 Bounty Submitted by yassinek3ch yassinek3ch Report connect.8x8.com: Blind SSRF via /api/v2/chats/image-check allows for Internal Ports...
HackerOne Bug Bounty Disclosure: default-credentials-on-kinetic-core-system-console—https:///kinetic/app/bywaterlord7788
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by waterlord7788 waterlord7788 Report Default Credentials on Kinetic Core...
HackerOne Bug Bounty Disclosure: exposed-git-repo-on-[htus]bynightm4re
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by nightm4re nightm4re Report Exposed GIT repo on Full...
HackerOne Bug Bounty Disclosure: aem-misconfiguration-leads-to-information-disclosurebycametome006
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cametome006 cametome006 Report AEM misconfiguration leads to Information...
HackerOne Bug Bounty Disclosure: csrf-to-delete-accounts-[htus]bynightm4re
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by nightm4re nightm4re Report CSRF to delete accounts Full...
HackerOne Bug Bounty Disclosure: [hta3]-remote-code-execution-onbycdl
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report Remote Code Execution on Full...
HackerOne Bug Bounty Disclosure: ldap-server-null-bind-connection-information-disclosureby0xmaruf
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xmaruf 0xmaruf Report LDAP Server NULL Bind Connection...
HackerOne Bug Bounty Disclosure: sensitive-data-exposure-via-wp-config-php-fileby0r10nh4ck
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0r10nh4ck 0r10nh4ck Report Sensitive Data Exposure via wp-config.php...
HackerOne Bug Bounty Disclosure: [hta2]-xxe-on-https://-via-spellcheck-endpoint-bycdl
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report XXE on https:// via SpellCheck...
HackerOne Bug Bounty Disclosure: reflected-xss-vulnerability-with-full-csp-bypass-in-nextcloud-installations-using-recommended-bundlebylukasreschke
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Reflected XSS vulnerability with full CSP bypass in Nextcloud installations using...
HackerOne Bug Bounty Disclosure: xss-in-servicenow-logout-https://:443bycolemanj
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by colemanj colemanj Report XSS in ServiceNow logout https://:443...
HackerOne Bug Bounty Disclosure: [-continuation-report-from-#1814842-]-can-create-articles-using-other-users’-newslettersbyfind_me_here
Programme HackerOne LinkedIn LinkedIn Submitted by find_me_here find_me_here Report Can create articles using other users' NewsLetters Full Report A...
HackerOne Bug Bounty Disclosure: pii-of-users-can-be-downloaded-from-export-pagesbychip_sec
Programme HackerOne WordPress WordPress Submitted by chip_sec chip_sec Report PII of users can be downloaded from export pages Full Report...
HackerOne Bug Bounty Disclosure: html-injection-in-email-at-https://www-hackerone-com/byiamr0000t
Programme HackerOne HackerOne HackerOne Submitted by iamr0000t iamr0000t Report HTML injection in email at https://www.hackerone.com/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: facebook-app-api-credentials-leaked-in-the-apkbychip_sec
Programme HackerOne GlassWire GlassWire Submitted by chip_sec chip_sec Report Facebook App API credentials leaked in the APK Full Report ...
HackerOne Bug Bounty Disclosure: delete-any-linkedin-comment-on-learning-api-of-other-usersbyencodedguy
Programme HackerOne LinkedIn LinkedIn Submitted by encodedguy encodedguy Report Delete any LinkedIn comment on learning API of other users Full...
HackerOne Bug Bounty Disclosure: attacker-can-unpin-posts-from-companies-he’s-not-part-of-byspaceboy20
Programme HackerOne LinkedIn LinkedIn Submitted by spaceboy20 spaceboy20 Report Attacker can unpin posts from companies he's not part of. Full...
HackerOne Bug Bounty Disclosure: attackers-do-not-need-to-pay-for-a-subscription-to-get-the-`discussion-group-url`-in-`paid-learning`byfind_me_here
Programme HackerOne LinkedIn LinkedIn Submitted by find_me_here find_me_here Report Attackers do not need to Pay for a Subscription to get...
HackerOne Bug Bounty Disclosure: moodle-xss-on-s-immerscio-comprehend-ibm-comby0xpugazh
Programme HackerOne IBM IBM Submitted by 0xpugazh 0xpugazh Report Moodle XSS on s-immerscio.comprehend.ibm.com Full Report A considerable amount of...
BugCrowd Bug Bounty Disclosure: – Login Capctha Bypass – By mewtw0
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: reset-password-link-sent-over-unsecured-http-protocolbyuchihaluckycs
Programme HackerOne Mattermost Mattermost Submitted by uchihaluckycs uchihaluckycs Report Reset password link sent over unsecured http protocol Full Report ...
HackerOne Bug Bounty Disclosure: download-file-type-warning-on-windows-does-not-appear-if-“ask-where-to-save-file-before-downloading”-setting-is-enabledbyameenbasha
Programme HackerOne Brave Software Brave Software Submitted by ameenbasha ameenbasha Report download file type warning on Windows does not appear...
HackerOne Bug Bounty Disclosure: subdomain-takeover-affecting-at–vex-weather-combygdattacker
Programme HackerOne IBM IBM Submitted by gdattacker gdattacker Report Subdomain Takeover Affecting at vex.weather.com Full Report A considerable amount...
