Programme HackerOne Node.js Node.js Submitted by zeyu2001 zeyu2001 Report DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices)...
Programme HackerOne Yelp Yelp Submitted by qualwin3001 qualwin3001 Report CORS Misconfiguration on Yelp Full Report A considerable amount of time...
Programme HackerOne Reddit Reddit Submitted by criptex criptex Report XSS Reflected on reddit.com via url path Full Report A considerable...
Programme HackerOne Adobe Adobe Submitted by gdattacker gdattacker Report Main Domain Takeover at https://www.marketo.net/ Full Report A considerable amount of...
Programme HackerOne Basecamp Basecamp Submitted by fr4via fr4via Report com.basecamp.bc3 Webview Javascript Injection and JS bridge takeover Full Report A...
Programme HackerOne 8x8 8x8 Submitted by is- is- Report DLL Search-Order Hijacking Vulnerability in work-64-exe-v7.16.3-1.exe Full Report A considerable amount...
Programme HackerOne GitLab GitLab Submitted by joaxcar joaxcar Report XSS in ZenTao integration affecting self hosted instances without strict CSP...
Programme HackerOne Mattermost Mattermost Submitted by catenacyber catenacyber Report DOS: out of memory from gif through upload api Full Report...
Programme HackerOne Vanilla Vanilla Submitted by admin0x00 admin0x00 Report CORS Misconfiguration on vanillaforums.com Full Report A considerable amount of time...
Programme HackerOne MTN Group MTN Group Submitted by sachinrajput sachinrajput Report There is no rate limit for SME REGISTRATION PORTAL...
Programme HackerOne HackerOne HackerOne Submitted by mega7 mega7 Report HTML Injection in email via Name field Full Report A considerable...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by nyymi nyymi Report Airflow Daemon Mode Insecure Umask Privilege Escalation...
Programme HackerOne Nextcloud Nextcloud Submitted by ro0telqayser ro0telqayser Report Information exposure in in guzzlehttp/guzzle (https://github.com/nextcloud/3rdparty/tree/master/guzzlehttp/guzzle) Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by daniel_calvino_sanchez daniel_calvino_sanchez Report Last video frame is still sent after video is disabled in...
Programme HackerOne Nextcloud Nextcloud Submitted by tomorrowisnew_ tomorrowisnew_ Report SSRF via potential filter bypass with too lax local domain checking...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report Remote Code Execution on https://...
Programme HackerOne Linktree Linktree Submitted by bug_vs_me bug_vs_me Report No validation to Image upload user can upload ( php APK...
Programme HackerOne Meredith Meredith Submitted by error201 error201 Report Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie...
Programme HackerOne Dropbox Dropbox Submitted by fransrosen fransrosen Report Abuse cookie-modification, toast HTML and expired domain in CSP-form-action replacing login-page...
Programme HackerOne GitLab GitLab Submitted by vakzz vakzz Report RCE via the DecompressedArchiveSizeValidator and Project BulkImports (behind feature flag) Full...
Programme HackerOne Glassdoor Glassdoor Submitted by nokline nokline Report XSS in http://www.glassdoor.com/Search/results.htm via Parameter Pollution Full Report A considerable amount...
Programme HackerOne GitLab GitLab Submitted by afewgoats afewgoats Report ReDoS in net/http affects webhooks: Sidekiq job stuck at 100% CPU...
Programme HackerOne GitLab GitLab Submitted by patronum-m patronum-m Report No Restriction on password Full Report A considerable amount of time...
Programme HackerOne Glassdoor Glassdoor Submitted by nokline nokline Report Web Cache Poisoning leads to XSS and DoS Full Report A...
