HackerOne Bug Bounty Disclosure: stored-xss-in-repository-file-viewerbykannthu
Programme HackerOne GitLab GitLab Submitted by kannthu kannthu Report Stored XSS in repository file viewer Full Report
Bug Bounty
HackerOne Bug Bounty Disclosure: email-html-injectionbysmitgharat0001
Programme HackerOne Slack Slack Submitted by smitgharat0001 smitgharat0001 Report Email html Injection Full Report
HackerOne Bug Bounty Disclosure: xss-and-iframe-injection-on-tiktok-ads-portal-using-redirect-paramsbycancerz
Programme HackerOne TikTok TikTok Submitted by cancerz cancerz Report XSS and iframe injection on tiktok ads portal using redirect params...
HackerOne Bug Bounty Disclosure: conduit-feed-publish-api-allows-you-to-spoof-other-users-or-make-it-look-like-you-have-access-to-a-restricted-objectbydyls
Programme HackerOne Phabricator Phabricator Submitted by dyls dyls Report Conduit feed.publish API allows you to spoof other users or make...
HackerOne Bug Bounty Disclosure: integer-overflow-vulnerabilityby0f1c3r
Programme HackerOne Glovo Glovo Submitted by 0f1c3r 0f1c3r Report Integer overflow vulnerability Full Report
HackerOne Bug Bounty Disclosure: [app-lemlist-com]-improper-handling-of-payment-lead-to-bypass-paymentbyomarelfarsaoui
Programme HackerOne lemlist lemlist Submitted by omarelfarsaoui omarelfarsaoui Report Improper handling of payment lead to bypass payment Full Report
HackerOne Bug Bounty Disclosure: cve-2022-27781:-certinfo-never-ending-busy-loopbysybr
Programme HackerOne curl curl Submitted by sybr sybr Report CVE-2022-27781: CERTINFO never-ending busy-loop Full Report
HackerOne Bug Bounty Disclosure: security-misconfigurationbymr23r0
Programme HackerOne lemlist lemlist Submitted by mr23r0 mr23r0 Report Security misconfiguration Full Report
HackerOne Bug Bounty Disclosure: http-request-smuggling-in-transform-rules-using-hexadecimal-escape-sequences-in-the-concat()-functionbyalbertspedersen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP Request Smuggling in Transform...
HackerOne Bug Bounty Disclosure: site-information’s-display-name-section-vulnerable-for-xss-attacks-and-html-injections-bysawrav-chowdhury
Programme HackerOne Automattic Automattic Submitted by sawrav-chowdhury sawrav-chowdhury Report Site information's Display Name section vulnerable for XSS attacks and HTML...
HackerOne Bug Bounty Disclosure: origin-ip-found,-waf-cloudflare-bypassbymrrobot2050
Programme HackerOne SMTP2GO BBP SMTP2GO BBP Submitted by mrrobot2050 mrrobot2050 Report Origin IP found, WAF Cloudflare Bypass Full Report
HackerOne Bug Bounty Disclosure: download-full-backup–[mtn-co-rw]byibrahimatix0x01
Programme HackerOne MTN Group MTN Group Submitted by ibrahimatix0x01 ibrahimatix0x01 Report Download full backup Full Report
HackerOne Bug Bounty Disclosure: disclose-stuff-member-name-and-make-actions-byzambo
Programme HackerOne Shopify Shopify Submitted by zambo zambo Report Disclose STUFF member name and make actions. Full Report
HackerOne Bug Bounty Disclosure: credential-leak-on-redirectbyiylz
Programme HackerOne curl curl Submitted by iylz iylz Report Credential leak on redirect Full Report
HackerOne Bug Bounty Disclosure: public-postman-api-collection-leaks-internal-access-to-https://assets-paris-dev-codefi-network/bypolem4rch
Programme HackerOne Consensys Consensys Submitted by polem4rch polem4rch Report Public Postman Api Collection Leaks Internal access to https://assets-paris-dev.codefi.network/ Full Report
HackerOne Bug Bounty Disclosure: disclose-customer-orders-details-by-shopify-chat-application-byzambo
Programme HackerOne Shopify Shopify Submitted by zambo zambo Report Disclose customer orders details by shopify chat application. Full Report
HackerOne Bug Bounty Disclosure: cookie-injection-from-non-secure-contextbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report Cookie injection from non-secure context Full Report
HackerOne Bug Bounty Disclosure: [java]-cwe-016:-query-to-detect-insecure-configuration-of-spring-boot-actuatorbyluchua
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by luchua luchua Report CWE-016: Query to detect insecure configuration of...
HackerOne Bug Bounty Disclosure: memory-leak-in-curlopt_xoauth2_bearerbypappacoda
Programme HackerOne curl curl Submitted by pappacoda pappacoda Report Memory leak in CURLOPT_XOAUTH2_BEARER Full Report
HackerOne Bug Bounty Disclosure: [java]:-cwe-321—query-to-detect-hardcoded-jwt-secret-keysbyluchua
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by luchua luchua Report : CWE-321 - Query to detect hardcoded...
HackerOne Bug Bounty Disclosure: [cpp]:-add-query-for-cwe-754:-improper-check-for-unusual-or-exceptional-conditions-when-using-functions-scanfbyihsinme
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report : Add query for CWE-754: Improper Check...
HackerOne Bug Bounty Disclosure: [java]:-cwe-552-add-sources-and-sinks-to-detect-unsafe-getresource-calls-in-java-ee-applicationsbyluchua
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by luchua luchua Report : CWE-552 Add sources and sinks to...
HackerOne Bug Bounty Disclosure: [cpp]:-add-query-for-cwe-190:-integer-overflow-or-wraparound-when-using-transform-after-operationbyihsinme
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report : Add query for CWE-190: Integer Overflow...
BugCrowd Bug Bounty Disclosure: P4 – Reflected XSS in https://www.indeed.com/career-advice/ – By cr00k
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
