Keychain data persistence may lead to account takeover

👉 https://hackerone.com/reports/761975

🔹 Severity: Low | 💰 100 USD
🔹 Reported To: QIWI
🔹 Reported By: #0x3c3e
🔹 State: 🟢 Resolved
🔹 Disclosed: September 7, 2020, 2:47pm (UTC)

XSS on https://fax.pbx.itsendless.org/ (CVE-2017-18024)

👉 https://hackerone.com/reports/963798

🔹 Severity: Medium
🔹 Reported To: Endless Hosting
🔹 Reported By: #pirneci
🔹 State: 🟢 Resolved
🔹 Disclosed: September 7, 2020, 5:42pm (UTC)

[bugs.fuzzing-project.org] HTML Injection via 'custom_field_7[]' parameter in '/view_all_set.php'

👉 https://hackerone.com/reports/903869

🔹 Severity: Medium
🔹 Reported To: Hanno's projects
🔹 Reported By: #dragonjar
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 7:30am (UTC)

No CSRF Protection in Resend Confirmation Email feature leads to Sending Unwanted Email in Victim's Inbox without knowing Victim's email address

👉 https://hackerone.com/reports/753386

🔹 Severity: Medium
🔹 Reported To: Stripo Inc
🔹 Reported By: #binit
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 11:17am (UTC)

SSRF into Shared Runner, by replacing dockerd with malicious server in Executor

👉 https://hackerone.com/reports/809248

🔹 Severity: Medium | 💰 2,000 USD
🔹 Reported To: GitLab
🔹 Reported By: #lucash-dev
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 1:28pm (UTC)

Members from parent group keep their access level on a subgroup transfer and are invisible

👉 https://hackerone.com/reports/790786

🔹 Severity: High | 💰 4,000 USD
🔹 Reported To: GitLab
🔹 Reported By: #kryword
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 1:44pm (UTC)

Injection of `http.<url>.*` git config settings leading to SSRF

👉 https://hackerone.com/reports/855276

🔹 Severity: High | 💰 3,000 USD
🔹 Reported To: GitLab
🔹 Reported By: #vakzz
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 1:46pm (UTC)

EXIF metadata not stripped from JPG group logos

👉 https://hackerone.com/reports/446238

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: GitLab
🔹 Reported By: #jackb898
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 2:02pm (UTC)

Blind SQL Injection

👉 https://hackerone.com/reports/758654

🔹 Severity: Critical | 💰 2,000 USD
🔹 Reported To: InnoGames
🔹 Reported By: #rzx007x
🔹 State: 🟢 Resolved
🔹 Disclosed: September 8, 2020, 3:04pm (UTC)

Race Condition when following a user

👉 https://hackerone.com/reports/927384

🔹 Severity: Low
🔹 Reported To: Staging.every.org
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 5:51am (UTC)

damage to the timeline so that comment fields cannot be displayed or not available to all members in the store

👉 https://hackerone.com/reports/971599

🔹 Severity: No Rating
🔹 Reported To: Shopify
🔹 Reported By: #jaka_tingkir
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 4:45pm (UTC)

Add apps to packages 0, 61, 62 with /store/ajaxpackagemerge

👉 https://hackerone.com/reports/972243

🔹 Severity: High | 💰 2,500 USD
🔹 Reported To: Valve
🔹 Reported By: #njbooher
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 8:07pm (UTC)

Unauthorized updates to extended_info properties in /store/ajaxpackagesave

👉 https://hackerone.com/reports/815547

🔹 Severity: High | 💰 2,500 USD
🔹 Reported To: Valve
🔹 Reported By: #njbooher
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 8:27pm (UTC)

Stored XSS on PyPi simple API endpoint

👉 https://hackerone.com/reports/856836

🔹 Severity: Medium | 💰 3,000 USD
🔹 Reported To: GitLab
🔹 Reported By: #vakzz
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 9:57pm (UTC)

Stored XSS in markdown when redacting references

👉 https://hackerone.com/reports/836649

🔹 Severity: High | 💰 5,000 USD
🔹 Reported To: GitLab
🔹 Reported By: #vakzz
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 9:58pm (UTC)

Smartsheet employees email disclosure through enpoint after login.

👉 https://hackerone.com/reports/880089

🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Smartsheet
🔹 Reported By: #soareswallace
🔹 State: 🟢 Resolved
🔹 Disclosed: September 9, 2020, 10:15pm (UTC)

SSRF at https://cognitive.topcoder.com leads to AWS instance metadata due to vulnerable email subscription feature

👉 https://hackerone.com/reports/876424

🔹 Severity: Critical
🔹 Reported To: Topcoder
🔹 Reported By: #mase289
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2020, 12:42pm (UTC)

THX Tuneup Survey feedback disclosure via Google cached content for apps.thx.com

👉 https://hackerone.com/reports/751729

🔹 Severity: Low | 💰 200 USD
🔹 Reported To: Razer
🔹 Reported By: #jackb898
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2020, 4:04pm (UTC)

bypass the [OKTA] login redirect can lead to disclosing limited-information about the sub-domain at [ shiptsec.com ]

👉 https://hackerone.com/reports/968699

🔹 Severity: Low | 💰 200 USD
🔹 Reported To: Shipt
🔹 Reported By: #tester1231233
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2020, 4:23pm (UTC)

Safe Redirect Bypass

👉 https://hackerone.com/reports/945990

🔹 Severity: Low | 💰 560 USD
🔹 Reported To: Twitter
🔹 Reported By: #cyanpiny
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2020, 4:57pm (UTC)

Team object in GraphQL disclosed private_comment

👉 https://hackerone.com/reports/978143

🔹 Severity: Medium | 💰 2,500 USD
🔹 Reported To: HackerOne
🔹 Reported By: #haxta4ok00
🔹 State: 🟢 Resolved
🔹 Disclosed: September 10, 2020, 7:05pm (UTC)