Programme HackerOne U.S. Department of State U.S. Department of State Submitted by tmz900 tmz900 Report RXSS on https://travel.state.gov/content/travel/en/search.html Full Report...
Programme HackerOne Stripe Stripe Submitted by phor3nsic phor3nsic Report Object injection in `stripe-billing-typographic` GitHub project via /auth/login Full Report A...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Extraction of Pages build scripts,...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by czchen czchen Report Argo CD reconciles apps outside configured namespaces...
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Targeted phishing attacks in Login flow v2 Full Report A considerable...
Programme HackerOne Yelp Yelp Submitted by msgandole msgandole Report Direct access to tox.ini file which is contain configuration details Full...
Programme HackerOne Stripe Stripe Submitted by sn-shyk sn-shyk Report HTML Injection in the Invoice memos field Full Report A considerable...
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Messages can still be seen on conversation after expiring when cron...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne Stripe Stripe Submitted by ian ian Report Fee discounts can be redeemed many times, resulting in unlimited fee-free...
Programme HackerOne Automattic Automattic Submitted by 0xwega74 0xwega74 Report Stored XSS on app.crowdsignal.com your-subdomain.crowdsignal.net via Thank You Header Full Report...
Programme HackerOne Nextcloud Nextcloud Submitted by rullzer rullzer Report Download permissions can be changed by resharer Full Report A considerable...
Programme HackerOne Krisp Krisp Submitted by mikemyers mikemyers Report SQL Injection + Insecure Deserialization leads to Remote Code Execution on...
Programme HackerOne Node.js Node.js Submitted by timon8 timon8 Report CRLF Injection in Nodejs undici via host Full Report A considerable...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by ismailu ismailu Report xss and html injection on...
Programme HackerOne curl curl Submitted by monnerat monnerat Report CVE-2023-23916: HTTP multi-header compression denial of service Full Report A considerable...
Programme HackerOne Twitter Twitter Submitted by eissen5c eissen5c Report The Deleted Polls is Still Accessable after 30 Days Full Report...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by spell1 spell1 Report Splunk Sensitive Information Disclosure @axiellstore.usahec.org...
Programme HackerOne Nextcloud Nextcloud Submitted by obitorasu obitorasu Report SSRF via filter bypass due to lax checking on IPs Full...
Programme HackerOne HackerOne HackerOne Submitted by syjane syjane Report HackerOne Undisclosed Report Leak via PoC of Full Disclosure on Hacktivity...
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report Desktop client can be tricked into opening/executing local files when clicking...
Programme HackerOne 8x8 Bounty 8x8 Bounty Submitted by ex0dus-0x ex0dus-0x Report Jitsi Desktop Client RCE By Interacting with Malicious URL...
Programme HackerOne EXNESS EXNESS Submitted by ashwarya ashwarya Report Double forward slash breaks server-side restrictions & allows access to prohibited...
