Company Name: Ruby on Rails Company HackerOne URL: https://hackerone.com/rails Submitted By:haqplLink to Submitters Profile:https://hackerone.com/haqpl Report Title:ActionView sanitize helper bypass leading...
Company Name: 8x8 Company HackerOne URL: https://hackerone.com/8x8 Submitted By:ssharmazLink to Submitters Profile:https://hackerone.com/ssharmaz Report Title:xss(r) vcc-na11.8x8.comReport Link:https://hackerone.com/reports/1392733Date Submitted:10 July 2023 A...
Company Name: SHEIN Company HackerOne URL: https://hackerone.com/shein Submitted By:x1337loserLink to Submitters Profile:https://hackerone.com/x1337loser Report Title:RCE via npm misconfig -- installing internal...
Company Name: Tennessee Valley Authority Company HackerOne URL: https://hackerone.com/tennessee-valley-authority Submitted By:dreamer_ehLink to Submitters Profile:https://hackerone.com/dreamer_eh Report Title:Rate limit missing sign-in pageReport...
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:the_arch_angelLink to Submitters Profile:https://hackerone.com/the_arch_angel Report Title:Asset Inventory Internal Descriptions are leaked in...
Company Name: TikTok Company HackerOne URL: https://hackerone.com/tiktok Submitted By:zerodyLink to Submitters Profile:https://hackerone.com/zerody Report Title:CSRF protection bypass on TikTok Webcast EndpointsReport...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:polapain1337Link to Submitters Profile:https://hackerone.com/polapain1337 Report Title:Brute force protection allows to send more...
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:sw0rd1ightLink to Submitters Profile:https://hackerone.com/sw0rd1ight Report Title:CVE-2023-28710 Apache Airflow Spark Provider...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Expedia Group Bug Bounty Expedia Group Bug Bounty Submitted by maskopatol maskopatol Report https://www.wotif.com/vc/blog/info.php script is prone to...
Programme HackerOne curl curl Submitted by dhananjay09 dhananjay09 Report Cache purge requests are not authenticated Full Report A considerable...
Programme HackerOne Automattic Automattic Submitted by riadalrashed riadalrashed Report Stored XSS on wordpress.com Full Report A considerable amount of...
Programme HackerOne HackerOne HackerOne Submitted by alp alp Report Program managers can see draft reports using Export Reports feature Full...
Programme HackerOne Reddit Reddit Submitted by grayman0x1 grayman0x1 Report oauth misconfigration lead to account takeover Full Report A considerable...
Programme HackerOne Reddit Reddit Submitted by grayman0x1 grayman0x1 Report Reflected XSS via File Upload Full Report A considerable amount...
Programme HackerOne Reddit Reddit Submitted by grayman0x1 grayman0x1 Report CVE-2020-11022 Full Report A considerable amount of time and effort...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by ksw9722 ksw9722 Report Privilege Esacalation at Apache Airflow 2.5.1 Full...
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2023-28322: more POST-after-PUT confusion Full Report A considerable amount of...
Programme HackerOne Reddit Reddit Submitted by ghbjn ghbjn Report Huge amount of Subdomains Takeovers at Reddit.com Full Report A...
Programme HackerOne Reddit Reddit Submitted by dvorakxl dvorakxl Report Redirect parameter allows for XSS Full Report A considerable amount...
Programme HackerOne Reddit Reddit Submitted by helloitscyberguard helloitscyberguard Report Rate limit is implemented in Reddit , but its not working...
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2023-28321: IDN wildcard match Full Report A considerable amount of...
Programme HackerOne Reddit Reddit Submitted by prilcool prilcool Report HTML injection in API response including request url Full Report ...
