Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'haxatron1'Link to Submitters Profile:https://hackerone.com/b'haxatron1' Report Title:b'Permission model bypass by specifying a path...
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'haxatron1'Link to Submitters Profile:https://hackerone.com/b'haxatron1' Report Title:b'fs.mkdtemp() and fs.mkdtempSync() are missing getValidatedPath() checks.'Report...
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'msvrmiscovet'Link to Submitters Profile:https://hackerone.com/b'msvrmiscovet' Report Title:b'Node 18 reads openssl.cnf from /home/iojs/build/... upon...
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'haxatron1'Link to Submitters Profile:https://hackerone.com/b'haxatron1' Report Title:b'Policy-restricted modules can escalate to higher privileges...
Company Name: b'Node.js' Company HackerOne URL: https://hackerone.com/nodejs Submitted By:b'haxatron1'Link to Submitters Profile:https://hackerone.com/b'haxatron1' Report Title:b'DNS rebinding in --inspect (again) via invalid...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'unknownsh'Link to Submitters Profile:https://hackerone.com/b'unknownsh' Report Title:b'Improper restriction of excessive authentication attempts on...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'tareq4'Link to Submitters Profile:https://hackerone.com/b'tareq4' Report Title:b'Notes attachments render HTML in preview mode'Report...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'cult'Link to Submitters Profile:https://hackerone.com/b'cult' Report Title:b'Any (non-admin) user from an instance can...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'mikaelgundersen'Link to Submitters Profile:https://hackerone.com/b'mikaelgundersen' Report Title:b'Missing brute force protection on OAuth2 API...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'mikaelgundersen'Link to Submitters Profile:https://hackerone.com/b'mikaelgundersen' Report Title:b'New AppPassword can be generated without password...
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'japz'Link to Submitters Profile:https://hackerone.com/b'japz' Report Title:b'Usernames still visible on report export pdf...
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'vanhoefm'Link to Submitters Profile:https://hackerone.com/b'vanhoefm' Report Title:b'Plaintext leakage of DNS...
Company Name: b'Sorare' Company HackerOne URL: https://hackerone.com/sorare Submitted By:b'fixenet'Link to Submitters Profile:https://hackerone.com/b'fixenet' Report Title:b'Operation CreateOrUpdateSo5LineupMutation does not restrict multiple captains'Report...
Company Name: b'GitHub' Company HackerOne URL: https://hackerone.com/github Submitted By:b'inspector-ambitious'Link to Submitters Profile:https://hackerone.com/b'inspector-ambitious' Report Title:b'Smuggling content in PR with refs/replace in...
Company Name: b'RATELIMITED' Company HackerOne URL: https://hackerone.com/ratelimited Submitted By:b'codeslayer137'Link to Submitters Profile:https://hackerone.com/b'codeslayer137' Report Title:b'Apache mod_negotiation filename bruteforcing https://api.ratelimited.me'Report Link:https://hackerone.com/reports/475167Date Submitted:01...
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'spaceboy20'Link to Submitters Profile:https://hackerone.com/b'spaceboy20' Report Title:b'bypass two-factor authentication.'Report Link:https://hackerone.com/reports/1842183Date Submitted:01 August 2023...
Company Name: b'Liberapay' Company HackerOne URL: https://hackerone.com/liberapay Submitted By:b'sameersec'Link to Submitters Profile:https://hackerone.com/b'sameersec' Report Title:b'Disavowed an email without any authentication'Report Link:https://hackerone.com/reports/2088808Date...
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'm0chan'Link to Submitters Profile:https://hackerone.com/b'm0chan' Report Title:b'Takeover of hackerone.engineering via Github'Report Link:https://hackerone.com/reports/2085260Date Submitted:31...
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'735t'Link to Submitters Profile:https://hackerone.com/b'735t' Report Title:b'Register & create a ticket as somebody...
Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'shewhoisblack'Link to Submitters Profile:https://hackerone.com/b'shewhoisblack' Report Title:b'Crash report -Cloudflare WARP...
Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'eye_'Link to Submitters Profile:https://hackerone.com/b'eye_' Report Title:b'CSRF in seller-us.tiktok.com/profile/account-setting/delegation-login 'Report Link:https://hackerone.com/reports/2002352Date Submitted:26 July...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'rullzer'Link to Submitters Profile:https://hackerone.com/b'rullzer' Report Title:b'Password reset endpoint is not brute force...
Company Name: b'Mozilla Core Services' Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:b'quikke'Link to Submitters Profile:https://hackerone.com/b'quikke' Report Title:b' - Broken access control...
Company Name: Ruby Company HackerOne URL: https://hackerone.com/ruby Submitted By:piaoLink to Submitters Profile:https://hackerone.com/piao Report Title:heap-buffer-overflow in gc_writebarrier_incrementalReport Link:https://hackerone.com/reports/1940002Date Submitted:19 July 2023...
