Hacktivity from japz
https://hackerone.com/reports/696266
Disclosed at: 2020-02-21 19:13:37 UTC+0
Created at: 2019-09-17 07:06:51 UTC+0
"Bounties paid in the last 90 days" discloses the undisclosed bounty amount in program statistics
HackerOne disclosed on HackerOne: "Bounties paid in the last 90...
Hi Team,
## Summary:
I have found a bypass on this disclosed report: [Know undisclosed Bounty Amount when Bounty Statistics are enabled.](https://hackerone.com/reports/148050)
##...
Hacktivity from jubabaghdad
https://hackerone.com/reports/770349
Disclosed at: 2020-02-21 20:26:38 UTC+0
Created at: 2020-01-08 17:42:07 UTC+0
Reflected XSS in twitterflightschool.com
Twitter disclosed on HackerOne: Reflected XSS in...
While testing twitterflightschool.com, I came across the below endpoint:
https://twitterflightschool.com/authentication/fb_callback?error=access_denied&error_code=200&error_description=
I noticed...
Hacktivity from lorenznickel
https://hackerone.com/reports/785243
Disclosed at: 2020-02-21 21:08:05 UTC+0
Created at: 2020-01-29 04:12:55 UTC+0
Twitter Source Label allows 'mongolian vowel separator' U+180E (app name)
Twitter disclosed on HackerOne: Twitter Source Label allow...
**Summary:** Twitter app-names (which are shown in the Tweet source label) are supposed to be unique and because of that they must not include invisible unicode characters. However, you can use the...
Hacktivity from nyuszika7h
https://hackerone.com/reports/784676
Disclosed at: 2020-02-21 21:09:38 UTC+0
Created at: 2020-01-28 11:08:28 UTC+0
iOS app crashed by specially crafted direct message reactions
X (Formerly Twitter) disclosed on HackerOne: iOS app crashed by...
**Summary:** iOS app crashed by specially crafted direct message reactions
**Description:**
Twitter does not properly sanitize direct message reactions, making it possible for arbitrary reaction...
Hacktivity from kunal94
https://hackerone.com/reports/583987
Disclosed at: 2020-02-21 21:10:54 UTC+0
Created at: 2019-05-18 15:49:24 UTC+0
Periscope android app deeplink leads to CSRF in follow action
X (Formerly Twitter) disclosed on HackerOne: Periscope android app...
Hello Twitter Team,
# Summary
This issue is mainly in the Periscope Android app: CSRF against the follow action using a deeplink.
# Description
In the normal Periscope website, when we share a follow link like...
Hacktivity from hacki3boy
https://hackerone.com/reports/765355
Disclosed at: 2020-02-22 16:02:07 UTC+0
Created at: 2019-12-28 05:44:47 UTC+0
Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com
Automattic disclosed on HackerOne: Modify account details by...
## Summary:
I have found that there is no protection against clickjacking on refer.wordpress.com, so an attacker can exploit it to change users' details. This clickjacking is on authenticated pages so it...
Hacktivity from zeop
https://hackerone.com/reports/798686
Disclosed at: 2020-02-22 16:58:29 UTC+0
Created at: 2020-02-18 08:39:04 UTC+0
x-request-id header reflected in server response without sanitization
Radancy disclosed on HackerOne: x-request-id header reflected in...
**Domain and URL:**
maximum.nl
**Summary:**
When issuing a GET request to maximum.nl, it's possible to set the x-request-id header, which is then reflected in the server response without any...
Hacktivity from hach3ro
https://hackerone.com/reports/376563
Disclosed at: 2020-02-23 16:20:47 UTC+0
Created at: 2018-07-04 00:45:17 UTC+0
Admin panel of https://www.stellar.org/wp-admin/
Stellar.org disclosed on HackerOne: Admin panel of...
https://www.stellar.org/wp-admin/ link has various operations which should not be accessible to an anonymous user.
As the admin panel is accessible, an attacker can use this information in targeted...
Hacktivity from abo-jehad
https://hackerone.com/reports/342977
Disclosed at: 2020-02-23 16:21:28 UTC+0
Created at: 2018-04-25 03:08:06 UTC+0
brute force attack allowed on admin page https://www.stellar.org/wp-admin/
Stellar.org disclosed on HackerOne: brute force attack allowed on...
Hi security team,
- Due to your bug bounty program, I found a basic authentication method
- By doing many trials, the server will respond and will not block the login process
- The attack can be...
Hacktivity from vyshnav_nk
https://hackerone.com/reports/281387
Disclosed at: 2020-02-23 16:22:08 UTC+0
Created at: 2017-10-21 07:18:57 UTC+0
XSS
Stellar.org disclosed on HackerOne: xss
Content on a server is including JavaScript content from an unrelated domain. When this script code is fetched by a user's browser and loaded into the DOM, it will have complete control over the...
Hacktivity from ramakanthk35
https://hackerone.com/reports/263780
Disclosed at: 2020-02-23 16:22:34 UTC+0
Created at: 2017-08-27 13:40:40 UTC+0
Direct URL access to PDF files
Stellar.org disclosed on HackerOne: Direct URL access to PDF files
Hi,
I was able to access the following PDF files without any...
Hacktivity from suvrat7
https://hackerone.com/reports/242874
Disclosed at: 2020-02-23 16:22:57 UTC+0
Created at: 2017-06-24 11:54:04 UTC+0
Bypassing Verify Humans Page
Stellar.org disclosed on HackerOne: Bypassing Verify Humans Page
Hi Team,
I was able to bypass the verify Human dialog box while subscribing.
Vulnerable request:
====================
```
POST /subscribe/post HTTP/1.1
Host: stellar.us9.list-manage.com
User-Agent:...
```
Hacktivity from martinbydefault
https://hackerone.com/reports/752402
Disclosed at: 2020-02-23 20:00:26 UTC+0
Created at: 2019-12-06 05:43:48 UTC+0
Connection information is sent to a third-party service
Nord Security disclosed on HackerOne: Connection information is sent...
Application event data exposed through the reuse of API key
The researcher reported that iOS app usage event information sent to the third party service can be intercepted through the reuse of API...
Hacktivity from 0x496
https://hackerone.com/reports/781284
Disclosed at: 2020-02-24 04:18:47 UTC+0
Created at: 2020-01-23 06:16:46 UTC+0
Cross Site Scripting via CVE-2018-5230 on https://apps.topcoder.com
Topcoder disclosed on HackerOne: Cross Site Scripting via...
Hi, I found a reflected XSS on https://apps.topcoder.com via an error message.
Payload : ``` %3CIFRAME%20SRC%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E.vm ```
Vulnerable link :...
Hacktivity from splatt581
https://hackerone.com/reports/458842
Disclosed at: 2020-02-24 07:05:14 UTC+0
Created at: 2018-12-07 20:40:15 UTC+0
Malformed save files (.sav) allow writing files with arbitrary extensions and content in GoldSrc-based games.
Valve disclosed on HackerOne: Malformed save files (.sav) allow to...
The structure of the save file implies unpacking of temporary files with extensions ```.HL1```, ```.HL2``` and ```.HL3```. In the code of command 'load', there is a check for invalid substrings,...
Hacktivity from kelotex
https://hackerone.com/reports/781664
Disclosed at: 2020-02-24 08:00:21 UTC+0
Created at: 2020-01-23 17:10:09 UTC+0
Several simple remote code execution in pdf-image
Node.js third-party modules disclosed on HackerOne: Several simple...
I would like to report "A simple remote code execution" in "pdf-image".
It allows "a remote attacker to execute arbitrary code when several functions of the PDFImage class are called and the class...
Hacktivity from a_constant
https://hackerone.com/reports/668422
Disclosed at: 2020-02-24 10:57:46 UTC+0
Created at: 2019-08-06 17:16:11 UTC+0
HTML Injection & Content Spoofing
ForeScout Technologies disclosed on HackerOne: HTML Injection &...
## Summary:
The main search box of the site "www.forescout.com" is vulnerable to HTML Injection & Content Spoofing
## Steps To Reproduce:
1. Visit [example link](https://www.forescout.com/)
...
Hacktivity from enixium
https://hackerone.com/reports/772886
Disclosed at: 2020-02-24 10:59:41 UTC+0
Created at: 2020-01-13 00:05:02 UTC+0
Password Reset Link Works Multiple Times
Nord Security disclosed on HackerOne: Password Reset Link Works...
## Background:
Normally, a secure way to handle password reset links is to invalidate the link/token upon usage. Additionally, if multiple reset links are requested, older & unused tokens should...
Hacktivity from mase289
https://hackerone.com/reports/756149
Disclosed at: 2020-02-24 10:59:56 UTC+0
Created at: 2019-12-11 13:43:32 UTC+0
Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance
Nord Security disclosed on HackerOne: Blind SSRF on...
## Summary:
The debug subdomain uses Sentry for application monitoring and error tracking. This software comes with a feature (known as source code scraping) turned on by default which makes it...
Hacktivity from alishah
https://hackerone.com/reports/791498
Disclosed at: 2020-02-24 11:00:31 UTC+0
Created at: 2020-02-09 08:34:32 UTC+0
No Rate Limit On Forgot Password Page Of affiliates.nordvpn.com
Nord Security disclosed on HackerOne: No Rate Limit On Forgot...
### Introduction:
A little bit about Rate Limit:
A rate limiting algorithm is used to check if the user session (or IP-address) has to be limited based on the information in the session cache.
In...