Programme HackerOne Basecamp Basecamp Submitted by fr4via fr4via Report com.basecamp.bc3 Webview Javascript Injection and JS bridge takeover Full Report A...
Programme HackerOne 8x8 8x8 Submitted by is- is- Report DLL Search-Order Hijacking Vulnerability in work-64-exe-v7.16.3-1.exe Full Report A considerable amount...
Programme HackerOne GitLab GitLab Submitted by joaxcar joaxcar Report XSS in ZenTao integration affecting self hosted instances without strict CSP...
Programme HackerOne Mattermost Mattermost Submitted by catenacyber catenacyber Report DOS: out of memory from gif through upload api Full Report...
Programme HackerOne Vanilla Vanilla Submitted by admin0x00 admin0x00 Report CORS Misconfiguration on vanillaforums.com Full Report A considerable amount of time...
Programme HackerOne MTN Group MTN Group Submitted by sachinrajput sachinrajput Report There is no rate limit for SME REGISTRATION PORTAL...
Programme HackerOne HackerOne HackerOne Submitted by mega7 mega7 Report HTML Injection in email via Name field Full Report A considerable...
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by nyymi nyymi Report Airflow Daemon Mode Insecure Umask Privilege Escalation...
Programme HackerOne Nextcloud Nextcloud Submitted by ro0telqayser ro0telqayser Report Information exposure in in guzzlehttp/guzzle (https://github.com/nextcloud/3rdparty/tree/master/guzzlehttp/guzzle) Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by daniel_calvino_sanchez daniel_calvino_sanchez Report Last video frame is still sent after video is disabled in...
Programme HackerOne Nextcloud Nextcloud Submitted by tomorrowisnew_ tomorrowisnew_ Report SSRF via potential filter bypass with too lax local domain checking...
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report Remote Code Execution on https://...
Programme HackerOne Linktree Linktree Submitted by bug_vs_me bug_vs_me Report No validation to Image upload user can upload ( php APK...
Programme HackerOne Meredith Meredith Submitted by error201 error201 Report Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie...
Programme HackerOne Dropbox Dropbox Submitted by fransrosen fransrosen Report Abuse cookie-modification, toast HTML and expired domain in CSP-form-action replacing login-page...
Programme HackerOne Glassdoor Glassdoor Submitted by nokline nokline Report Web Cache Poisoning leads to XSS and DoS Full Report A...
Programme HackerOne GitLab GitLab Submitted by vakzz vakzz Report RCE via the DecompressedArchiveSizeValidator and Project BulkImports (behind feature flag) Full...
Programme HackerOne Glassdoor Glassdoor Submitted by nokline nokline Report XSS in http://www.glassdoor.com/Search/results.htm via Parameter Pollution Full Report A considerable amount...
Programme HackerOne GitLab GitLab Submitted by afewgoats afewgoats Report ReDoS in net/http affects webhooks: Sidekiq job stuck at 100% CPU...
Programme HackerOne GitLab GitLab Submitted by patronum-m patronum-m Report No Restriction on password Full Report A considerable amount of time...
Programme HackerOne Hyperledger Hyperledger Submitted by cre8 cre8 Report DOS validator nodes of blockchain to block external connections Full Report...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by imtheking imtheking Report Signup with any Email and...
Programme HackerOne Nextcloud Nextcloud Submitted by luchua luchua Report Access to arbitrary file of the Nextcloud Android app from within...
Programme HackerOne IBM IBM Submitted by zere zere Report Cleartext storage of sensitive information at https://staging.status.ai-apps-comms.ibm.com/env can lead to account...
