bug bounty

hackerone

HackerOne Bug Bounty Disclosure: b-staff-and-triage-can-modify-the-initial-post-of-a-report-including-of-already-disclosed-reports-b-zerotea

August 28, 2023

Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'zerotea'Link to Submitters Profile:https://hackerone.com/b'zerotea' Report Title:b'Staff and Triage can modify the initial...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-staff-and-triage-can-modify-the-initial-post-of-a-report-including-of-already-disclosed-reports-b-zerotea
hackerone

HackerOne Bug Bounty Disclosure: b-improper-access-control-on-linkedin-page-b-cybergoddess

August 24, 2023

Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'cybergoddess'Link to Submitters Profile:https://hackerone.com/b'cybergoddess' Report Title:b'Improper access control on Linkedin Page'Report Link:https://hackerone.com/reports/1587246Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-improper-access-control-on-linkedin-page-b-cybergoddess
hackerone

HackerOne Bug Bounty Disclosure: b-a-unverified-user-can-post-newsletter-which-is-not-allowed-through-application-ui-b-tushar

August 24, 2023

Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'tushar6378'Link to Submitters Profile:https://hackerone.com/b'tushar6378' Report Title:b'A Unverified User Can Post Newsletter (Which...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-a-unverified-user-can-post-newsletter-which-is-not-allowed-through-application-ui-b-tushar
hackerone

HackerOne Bug Bounty Disclosure: b-attackers-can-use-trial-premium-only-by-paying-idr-from-the-original-price-of-idr-per-month-b-find-me-here

August 24, 2023

Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'find_me_here'Link to Submitters Profile:https://hackerone.com/b'find_me_here' Report Title:b'Attackers can use TRIAL Premium only by...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-attackers-can-use-trial-premium-only-by-paying-idr-from-the-original-price-of-idr-per-month-b-find-me-here
hackerone

HackerOne Bug Bounty Disclosure: b-an-attacker-can-flag-draft-job-posts-and-can-disclose-the-draft-job-posts-details-similar-to-resolved-report-b-tushar

August 24, 2023

Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'tushar6378'Link to Submitters Profile:https://hackerone.com/b'tushar6378' Report Title:b'An Attacker Can Flag Draft Job Posts...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-an-attacker-can-flag-draft-job-posts-and-can-disclose-the-draft-job-posts-details-similar-to-resolved-report-b-tushar
hackerone

HackerOne Bug Bounty Disclosure: b-cross-origin-resource-sharing-arbitrary-origin-trusted-b-kalendra

August 22, 2023

Company Name: b'Radancy' Company HackerOne URL: https://hackerone.com/radancy Submitted By:b'kalendra456'Link to Submitters Profile:https://hackerone.com/b'kalendra456' Report Title:b'Cross-origin resource sharing: arbitrary origin trusted'Report Link:https://hackerone.com/reports/1848730Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-cross-origin-resource-sharing-arbitrary-origin-trusted-b-kalendra
hackerone

HackerOne Bug Bounty Disclosure: b-insecure-storage-of-information-you-can-view-any-file-uploaded-to-the-server-without-authentication-and-only-with-a-single-link-b-h

August 21, 2023

Company Name: b'Radancy' Company HackerOne URL: https://hackerone.com/radancy Submitted By:b'h03'Link to Submitters Profile:https://hackerone.com/b'h03' Report Title:b'insecure storage of information, you can view...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-insecure-storage-of-information-you-can-view-any-file-uploaded-to-the-server-without-authentication-and-only-with-a-single-link-b-h
hackerone

HackerOne Bug Bounty Disclosure: b-mk-dx-improper-metadata-validation-b-crazy-man

August 17, 2023

Company Name: b'Nintendo' Company HackerOne URL: https://hackerone.com/nintendo Submitted By:b'crazy_man123'Link to Submitters Profile:https://hackerone.com/b'crazy_man123' Report Title:b' Improper metadata validation 2'Report Link:https://hackerone.com/reports/1812732Date Submitted:17...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-mk-dx-improper-metadata-validation-b-crazy-man
hackerone

HackerOne Bug Bounty Disclosure: b-mk-dx-improper-metadata-parsing-b-crazy-man

August 17, 2023

Company Name: b'Nintendo' Company HackerOne URL: https://hackerone.com/nintendo Submitted By:b'crazy_man123'Link to Submitters Profile:https://hackerone.com/b'crazy_man123' Report Title:b' Improper metadata parsing'Report Link:https://hackerone.com/reports/1688309Date Submitted:17 August...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-mk-dx-improper-metadata-parsing-b-crazy-man
hackerone

HackerOne Bug Bounty Disclosure: b-renaming-aliasing-relative-symbolic-links-potentially-redirects-them-to-supposedly-inaccessible-locations-b-tniessen

August 15, 2023

Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'tniessen'Link to Submitters Profile:https://hackerone.com/b'tniessen' Report Title:b'Renaming/aliasing relative symbolic links potentially redirects them...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-renaming-aliasing-relative-symbolic-links-potentially-redirects-them-to-supposedly-inaccessible-locations-b-tniessen
hackerone

HackerOne Bug Bounty Disclosure: b-path-traversal-allows-tricking-the-talk-android-app-into-writing-files-into-it-s-root-directory-b-fr-via

August 14, 2023

Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'fr4via'Link to Submitters Profile:https://hackerone.com/b'fr4via' Report Title:b"Path traversal allows tricking the Talk Android...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-path-traversal-allows-tricking-the-talk-android-app-into-writing-files-into-it-s-root-directory-b-fr-via
hackerone

HackerOne Bug Bounty Disclosure: b-html-injection-on-newsroom-snap-com-via-search-q-b-jotita

August 14, 2023

Company Name: b'Snapchat' Company HackerOne URL: https://hackerone.com/snapchat Submitted By:b'jotita3'Link to Submitters Profile:https://hackerone.com/b'jotita3' Report Title:b'HTML injection on newsroom.snap.com/* via search?q=1'Report Link:https://hackerone.com/reports/2018615Date...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-html-injection-on-newsroom-snap-com-via-search-q-b-jotita
hackerone

HackerOne Bug Bounty Disclosure: b-hackerone-support-system-doesn-t-require-any-authentication-may-lead-unauthorized-action-b-rafsanzami

August 11, 2023

Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'rafsanzami'Link to Submitters Profile:https://hackerone.com/b'rafsanzami' Report Title:b"HackerOne Support System Doesn't Require Any Authentication...

Read MoreRead more about HackerOne Bug Bounty Disclosure: b-hackerone-support-system-doesn-t-require-any-authentication-may-lead-unauthorized-action-b-rafsanzami

You may have missed

image

CVE Alert: CVE-2025-9216 – kodezen – StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More

September 17, 2025
image

CVE Alert: CVE-2025-10058 – smackcoders – WP Import – Ultimate CSV XML Importer for WordPress

September 17, 2025
image

CVE Alert: CVE-2025-10057 – smackcoders – WP Import – Ultimate CSV XML Importer for WordPress

September 17, 2025
image

CVE Alert: CVE-2025-10143 – catchthemes – Catch Dark Mode

September 17, 2025
image

CVE Alert: CVE-2025-10589 – N-Partner – N-Reporter

September 17, 2025