HackerOne Bug Bounty Disclosure: dos-via-issue-previewbylegit-security
Programme HackerOne GitLab GitLab Submitted by legit-security legit-security Report DOS via issue preview Full Report A considerable amount of time...
Bug Bounty
HackerOne Bug Bounty Disclosure: dos-via-move_issuebylegit-security
Programme HackerOne GitLab GitLab Submitted by legit-security legit-security Report DOS via move_issue Full Report A considerable amount of time and...
HackerOne Bug Bounty Disclosure: path-paths-and-file-disclosure-vulnerabilities-at-influxdb-quality-gitlab-netbyotoyyy
Programme HackerOne GitLab GitLab Submitted by otoyyy otoyyy Report Path paths and file disclosure vulnerabilities at influxdb.quality.gitlab.net Full Report A...
HackerOne Bug Bounty Disclosure: repositorypipeline-allows-importing-of-local-git-reposbyvakzz
Programme HackerOne GitLab GitLab Submitted by vakzz vakzz Report RepositoryPipeline allows importing of local git repos Full Report A considerable...
BugCrowd Bug Bounty Disclosure: – Several internal applications have open CORS, allowing external folks to access the content – By bigBugGuy
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: command-injection-in-github-actions-containerstephostbyjupenur
Programme HackerOne GitHub GitHub Submitted by jupenur jupenur Report Command injection in GitHub Actions ContainerStepHost Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: archived-/-deleted-/-private-poll-can-be-viewed-by-another-users-[crowdsignal-wordpress-plugins]byapapedulimu
Programme HackerOne Automattic Automattic Submitted by apapedulimu apapedulimu Report Archived / Deleted / Private Poll Can Be Viewed by Another...
HackerOne Bug Bounty Disclosure: stored-xss-in-intensedebate-com-via-the-comments-rssbybugra
Programme HackerOne Automattic Automattic Submitted by bugra bugra Report Stored XSS in intensedebate.com via the Comments RSS Full Report A...
HackerOne Bug Bounty Disclosure: xss-in-socialicon-linkbysudi
Programme HackerOne Linktree Linktree Submitted by sudi sudi Report XSS in SocialIcon Link Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: accessing/editing-folders-of-other-users-in-the-orginisation-bysnapsec
Programme HackerOne Lark Technologies Lark Technologies Submitted by snapsec snapsec Report Accessing/Editing Folders of Other Users in the Orginisation. Full...
HackerOne Bug Bounty Disclosure: html-injection-found-on-https://adobedocs-github-io/analytics-1-4-apis/swagger-docs-html-due-to-outdated-swagger-uibydreamer_eh
Programme HackerOne Adobe Adobe Submitted by dreamer_eh dreamer_eh Report HTML INJECTION FOUND ON https://adobedocs.github.io/analytics-1.4-apis/swagger-docs.html DUE TO OUTDATED SWAGGER UI Full...
HackerOne Bug Bounty Disclosure: cve-2022-42916:-hsts-bypass-via-idnbykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2022-42916: HSTS bypass via IDN Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: cve-2022-35260:–netrc-parser-out-of-bounds-accessbykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2022-35260: .netrc parser out-of-bounds access Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: subdomain-takeover-on-‘de-headless-staging-gymshark-com’bya-p0c
Programme HackerOne Gymshark Gymshark Submitted by a-p0c a-p0c Report Subdomain takeover on 'de-headless.staging.gymshark.com' Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: weak-randomness-in-webcrypto-keygenbybnoordhuis
Programme HackerOne Node.js Node.js Submitted by bnoordhuis bnoordhuis Report Weak randomness in WebCrypto keygen Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-header-fieldsbyvvx7
Programme HackerOne Node.js Node.js Submitted by vvx7 vvx7 Report HTTP Request Smuggling Due to Incorrect Parsing of Header Fields Full...
HackerOne Bug Bounty Disclosure: cve-2022-32213-bypass-via-obs-fold-mechanicbyhaxatron1
Programme HackerOne Node.js Node.js Submitted by haxatron1 haxatron1 Report CVE-2022-32213 bypass via obs-fold mechanic Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: business-logic,-currency-arbitrage—possibility-to-pay-less-than-the-price-in-usdbyxctzn
Programme HackerOne PortSwigger Web Security PortSwigger Web Security Submitted by xctzn xctzn Report Business Logic, currency arbitrage - Possibility to...
HackerOne Bug Bounty Disclosure: node-18-reads-openssl-cnf-from-/home/iojs/build/—-upon-startup-on-macosbymhdawson
Programme HackerOne Node.js Node.js Submitted by mhdawson mhdawson Report Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS Full...
HackerOne Bug Bounty Disclosure: http-request-smuggling-due-to-incorrect-parsing-of-multi-line-transfer-encoding-(improper-fix-for-cve-2022-32215)byshacharm
Programme HackerOne Node.js Node.js Submitted by shacharm shacharm Report HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding (improper...
HackerOne Bug Bounty Disclosure: reflected-cross-site-scripting-via-swagger-uibywebcipher101
Programme HackerOne Adobe Adobe Submitted by webcipher101 webcipher101 Report Reflected Cross site scripting via Swagger UI Full Report A considerable...
HackerOne Bug Bounty Disclosure: a-malicious-admin-can-be-able-to-permanently-disable-a-owner(admin)-to-access-his-accountbydewcode91
Programme HackerOne Linktree Linktree Submitted by dewcode91 dewcode91 Report A malicious admin can be able to permanently disable a Owner(Admin)...
HackerOne Bug Bounty Disclosure: full-payment-bypass-to-use-premium-subscription-byn0_m3rcy
Programme HackerOne Krisp Krisp Submitted by n0_m3rcy n0_m3rcy Report Full payment bypass to use premium subscription. Full Report A considerable...
HackerOne Bug Bounty Disclosure: removed-user-can-still-view-comments-on-the-file/documents-byimran_nisar
Programme HackerOne Lark Technologies Lark Technologies Submitted by imran_nisar imran_nisar Report Removed user can still view comments on the file/documents....
