Bug Bounty

hackerone

HackerOne Bug Bounty Disclosure: non-revoked-api-key-information-disclosure-via-stripo_report()bydeb0con

August 25, 2022

Programme HackerOne Stripo Inc Stripo Inc Submitted by deb0con deb0con Report Non-revoked API Key Information disclosure via Stripo_report() Full Report...

hackerone

HackerOne Bug Bounty Disclosure: pause-based-desync-in-apache-httpdbyalbinowax

August 25, 2022

Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by albinowax albinowax Report Pause-based desync in Apache HTTPD Full Report...

hackerone

HackerOne Bug Bounty Disclosure: support-invisionpower-com-takeover-the-subdomain-with-zendeskbyfthacker101

August 24, 2022

Programme HackerOne Invision Power Services, Inc. Invision Power Services, Inc. Submitted by fthacker101 fthacker101 Report support.invisionpower.com takeover the subdomain with...

hackerone

HackerOne Bug Bounty Disclosure: golang-expvar-information-disclosurebymustafa_farrag

August 24, 2022

Programme HackerOne Uber Uber Submitted by mustafa_farrag mustafa_farrag Report Golang expvar Information Disclosure Full Report A considerable amount of time...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – XSS via Google Drive – https://www.indeed.jobs/career/Profile – By CGuillaume

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – No Rate Limiting on resend email option when signing up for an account – By CyberKey

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Self XSS on my.indeed.com affecting multiple input fields – By iman122

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – XSS via file name – https://sms.indeed.com/signup/signage-details/ – By CGuillaume

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Asana Desktop Application Includes Personal Access Token – By lauritz

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Reflected XSS in https://www.indeed.com/career-advice/ – By cr00k

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Publisher owner doesn’t able to delete low privilege user – By AlWaYsHuNt

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – xss – By Ramesh_Kumar

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – No DMARC Record Found – By sujan_shetty

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Xss in resume – By Saidul_islam

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Cleartext submission of password on http://insights.indeed.tech/users/sign_in – By dirty0124

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Email HTML Injection at https://baito.indeed.com – By danibhai

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Backend Stock access which can be accessed to the admin – By KennY-S

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – HTML Injection in email when deactivate a user – By mega7

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Dangerous RTLO Injection – By nt3c

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – RTLO Injection leads to URi Spoofing – By nt3c

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Stored-xss is working – By agnihackers123

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – XSS – By shahzeenkhan00

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – HTML Injection in meeting owner email – By mega7

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

Bug Bounty

BugCrowd Bug Bounty Disclosure: – Critical Local File Read in Electron Desktop App – By Renwa

August 24, 2022

The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...

CISA

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 24, 2024

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 24, 2024

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 24, 2024