HTML Injection in E-mail Not Resolved ()
π https://hackerone.com/reports/1600720
πΉ Severity: Medium
πΉ Reported To: Acronis
πΉ Reported By: #thewikiii
πΉ State: π’ Resolved
πΉ Disclosed: July 19, 2022, 9:11am (UTC)
π https://hackerone.com/reports/1600720
πΉ Severity: Medium
πΉ Reported To: Acronis
πΉ Reported By: #thewikiii
πΉ State: π’ Resolved
πΉ Disclosed: July 19, 2022, 9:11am (UTC)
LFI via Jolokia at https://β.β.β.β:1293
π https://hackerone.com/reports/1641661
πΉ Severity: Medium
πΉ Reported To: 8x8
πΉ Reported By: #shuvam321
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 12:30am (UTC)
π https://hackerone.com/reports/1641661
πΉ Severity: Medium
πΉ Reported To: 8x8
πΉ Reported By: #shuvam321
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 12:30am (UTC)
π1
Can access the job name, creator name and can report any draft/under review/rejected job
π https://hackerone.com/reports/1581528
πΉ Severity: Medium | π° 1,000 USD
πΉ Reported To: LinkedIn
πΉ Reported By: #sachin_kumar_
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 6:08pm (UTC)
π https://hackerone.com/reports/1581528
πΉ Severity: Medium | π° 1,000 USD
πΉ Reported To: LinkedIn
πΉ Reported By: #sachin_kumar_
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 6:08pm (UTC)
Internal Employee informations Disclosure via TikTok Athena api
π https://hackerone.com/reports/1575560
πΉ Severity: Medium | π° 1,000 USD
πΉ Reported To: TikTok
πΉ Reported By: #hein_thant
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 11:38pm (UTC)
π https://hackerone.com/reports/1575560
πΉ Severity: Medium | π° 1,000 USD
πΉ Reported To: TikTok
πΉ Reported By: #hein_thant
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 11:38pm (UTC)
DOM XSS on ads.tiktok.com
π https://hackerone.com/reports/1549451
πΉ Severity: Medium | π° 2,500 USD
πΉ Reported To: TikTok
πΉ Reported By: #0x7
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 11:42pm (UTC)
π https://hackerone.com/reports/1549451
πΉ Severity: Medium | π° 2,500 USD
πΉ Reported To: TikTok
πΉ Reported By: #0x7
πΉ State: π’ Resolved
πΉ Disclosed: July 20, 2022, 11:42pm (UTC)
fix(cmd-socketio-server): mitigate cross site scripting attack #2068
π https://hackerone.com/reports/1638984
πΉ Severity: High | π° 100 USD
πΉ Reported To: Hyperledger
πΉ Reported By: #bhaskar_ram
πΉ State: βͺοΈ Informative
πΉ Disclosed: July 21, 2022, 8:37pm (UTC)
π https://hackerone.com/reports/1638984
πΉ Severity: High | π° 100 USD
πΉ Reported To: Hyperledger
πΉ Reported By: #bhaskar_ram
πΉ State: βͺοΈ Informative
πΉ Disclosed: July 21, 2022, 8:37pm (UTC)
π1
CVE-2022-32215 - HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding
π https://hackerone.com/reports/1630667
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
π https://hackerone.com/reports/1630667
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
CVE-2022-32213 - HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding
π https://hackerone.com/reports/1630668
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
π https://hackerone.com/reports/1630668
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
CVE-2022-32214 - HTTP Request Smuggling Due To Improper Delimiting of Header Fields
π https://hackerone.com/reports/1630669
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
π https://hackerone.com/reports/1630669
πΉ Severity: Medium | π° 1,800 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #zeyu2001
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 4:02am (UTC)
IDOR in report download functionality on ads.tiktok.com
π https://hackerone.com/reports/1559739
πΉ Severity: Low | π° 500 USD
πΉ Reported To: TikTok
πΉ Reported By: #f_m
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 11:48pm (UTC)
π https://hackerone.com/reports/1559739
πΉ Severity: Low | π° 500 USD
πΉ Reported To: TikTok
πΉ Reported By: #f_m
πΉ State: π’ Resolved
πΉ Disclosed: July 22, 2022, 11:48pm (UTC)
π1
Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing
π https://hackerone.com/reports/1627159
πΉ Severity: Medium | π° 2,400 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #ooooooo_q
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 3:20am (UTC)
π https://hackerone.com/reports/1627159
πΉ Severity: Medium | π° 2,400 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #ooooooo_q
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 3:20am (UTC)
reflected XSS on panther.com
π https://hackerone.com/reports/1601140
πΉ Severity: Medium | π° 250 USD
πΉ Reported To: Panther Labs
πΉ Reported By: #ibrahimatix0x01
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 5:19am (UTC)
π https://hackerone.com/reports/1601140
πΉ Severity: Medium | π° 250 USD
πΉ Reported To: Panther Labs
πΉ Reported By: #ibrahimatix0x01
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 5:19am (UTC)
[doc.rt.informaticacloud.com] Arbitrary File Reading via Double URL Encode
π https://hackerone.com/reports/232371
πΉ Severity: High
πΉ Reported To: Informatica
πΉ Reported By: #bigbear_
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 11:03am (UTC)
π https://hackerone.com/reports/232371
πΉ Severity: High
πΉ Reported To: Informatica
πΉ Reported By: #bigbear_
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 11:03am (UTC)
[doc.rt.informaticacloud.com] Reflected XSS via Stack Strace
π https://hackerone.com/reports/232320
πΉ Severity: High
πΉ Reported To: Informatica
πΉ Reported By: #bigbear_
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 11:03am (UTC)
π https://hackerone.com/reports/232320
πΉ Severity: High
πΉ Reported To: Informatica
πΉ Reported By: #bigbear_
πΉ State: π’ Resolved
πΉ Disclosed: July 23, 2022, 11:03am (UTC)
CVE-2022-27781: CERTINFO never-ending busy-loop
π https://hackerone.com/reports/1606039
πΉ Severity: Low | π° 480 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #sybr
πΉ State: π’ Resolved
πΉ Disclosed: July 24, 2022, 7:31pm (UTC)
π https://hackerone.com/reports/1606039
πΉ Severity: Low | π° 480 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #sybr
πΉ State: π’ Resolved
πΉ Disclosed: July 24, 2022, 7:31pm (UTC)
Node.js - DLL Hijacking on Windows
π https://hackerone.com/reports/1636566
πΉ Severity: High | π° 3,000 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #yakirka
πΉ State: π’ Resolved
πΉ Disclosed: July 25, 2022, 6:30pm (UTC)
π https://hackerone.com/reports/1636566
πΉ Severity: High | π° 3,000 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #yakirka
πΉ State: π’ Resolved
πΉ Disclosed: July 25, 2022, 6:30pm (UTC)
Race condition in faucet when using starport
π https://hackerone.com/reports/1438052
πΉ Severity: Critical | π° 5,000 USD
πΉ Reported To: Cosmos
πΉ Reported By: #cyberboy
πΉ State: π’ Resolved
πΉ Disclosed: July 26, 2022, 5:47pm (UTC)
π https://hackerone.com/reports/1438052
πΉ Severity: Critical | π° 5,000 USD
πΉ Reported To: Cosmos
πΉ Reported By: #cyberboy
πΉ State: π’ Resolved
πΉ Disclosed: July 26, 2022, 5:47pm (UTC)
HTML Injection via Email Share
π https://hackerone.com/reports/1490311
πΉ Severity: Low | π° 500 USD
πΉ Reported To: TikTok
πΉ Reported By: #lu3ky-13
πΉ State: π’ Resolved
πΉ Disclosed: July 27, 2022, 1:46am (UTC)
π https://hackerone.com/reports/1490311
πΉ Severity: Low | π° 500 USD
πΉ Reported To: TikTok
πΉ Reported By: #lu3ky-13
πΉ State: π’ Resolved
πΉ Disclosed: July 27, 2022, 1:46am (UTC)
Off-by-slash vulnerability in nodejs.org and iojs.org
π https://hackerone.com/reports/1650273
πΉ Severity: Medium | π° 1,200 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #nagaro
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 8:25am (UTC)
π https://hackerone.com/reports/1650273
πΉ Severity: Medium | π° 1,200 USD
πΉ Reported To: Internet Bug Bounty
πΉ Reported By: #nagaro
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 8:25am (UTC)
Acronis True Image Local Privilege Escalation Due To Race Condition In Application Verification
π https://hackerone.com/reports/1251464
πΉ Severity: High | π° 250 USD
πΉ Reported To: Acronis
πΉ Reported By: #vkas-afk
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 10:32am (UTC)
π https://hackerone.com/reports/1251464
πΉ Severity: High | π° 250 USD
πΉ Reported To: Acronis
πΉ Reported By: #vkas-afk
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 10:32am (UTC)
Hijack all emails sent to any domain that uses Cloudflare Email Forwarding
π https://hackerone.com/reports/1419341
πΉ Severity: Critical | π° 6,000 USD
πΉ Reported To: Cloudflare Public Bug Bounty
πΉ Reported By: #albertspedersen
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 4:35pm (UTC)
π https://hackerone.com/reports/1419341
πΉ Severity: Critical | π° 6,000 USD
πΉ Reported To: Cloudflare Public Bug Bounty
πΉ Reported By: #albertspedersen
πΉ State: π’ Resolved
πΉ Disclosed: July 28, 2022, 4:35pm (UTC)
π₯2