HackerOne Bug Bounty Disclosure: course-registration-form-allowing-an-attacker-to-dump-all-the-candidate-name-who-had-enrolled-for-the-course-steveflex

August 16, 2024

Company Name:
U.S. Dept Of Defense

Company HackerOne URL:
https://hackerone.com/deptofdefense

Submitted By:
steveflex

Link to Submitters Profile:
https://hackerone.com/steveflex

Report Title:
Course Registration Form Allowing an attacker to dump all the candidate name who had enrolled for the course

Report Link:
https://hackerone.com/reports/1100383

Date Submitted:
16 August 2024

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

You may have missed

passkey

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

September 20, 2024
ivanti 1

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

September 20, 2024
unlock membership

Safeguarding Our Foundations: Cybersecurity for Critical Infrastructure

September 20, 2024
HIBP Banner 1

HuntStand – 2,795,947 breached accounts

September 20, 2024
CISA Logo

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

September 20, 2024