Mattermost Server OAuth Flow Cross-Site Scripting
👉 https://hackerone.com/reports/1216203
🔹 Severity: High | 💰 900 USD
🔹 Reported To: Mattermost
🔹 Reported By: #shielder
🔹 State: 🟢 Resolved
🔹 Disclosed: August 6, 2021, 2:01pm (UTC)
👉 https://hackerone.com/reports/1216203
🔹 Severity: High | 💰 900 USD
🔹 Reported To: Mattermost
🔹 Reported By: #shielder
🔹 State: 🟢 Resolved
🔹 Disclosed: August 6, 2021, 2:01pm (UTC)
Loading YAML in Java client can lead to command execution
👉 https://hackerone.com/reports/1167773
🔹 Severity: Medium | 💰 1,000 USD
🔹 Reported To: Kubernetes
🔹 Reported By: #j0v
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 12:41pm (UTC)
👉 https://hackerone.com/reports/1167773
🔹 Severity: Medium | 💰 1,000 USD
🔹 Reported To: Kubernetes
🔹 Reported By: #j0v
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 12:41pm (UTC)
Virtual Data Room / Hide download on collabora is easy to bypass
👉 https://hackerone.com/reports/1194606
🔹 Severity: High | 💰 150 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 2:28pm (UTC)
👉 https://hackerone.com/reports/1194606
🔹 Severity: High | 💰 150 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 2:28pm (UTC)
Webauthn tokens are not removed on user deletion
👉 https://hackerone.com/reports/1202590
🔹 Severity: Medium
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 2:28pm (UTC)
👉 https://hackerone.com/reports/1202590
🔹 Severity: Medium
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 2:28pm (UTC)
Local privilege escalation via insecure MSI file
👉 https://hackerone.com/reports/1071832
🔹 Severity: High | 💰 250 USD
🔹 Reported To: Acronis
🔹 Reported By: #twvyy3vyaw8k
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 7:11pm (UTC)
👉 https://hackerone.com/reports/1071832
🔹 Severity: High | 💰 250 USD
🔹 Reported To: Acronis
🔹 Reported By: #twvyy3vyaw8k
🔹 State: 🟢 Resolved
🔹 Disclosed: August 7, 2021, 7:11pm (UTC)
PII data Leakage through hackerone reports
👉 https://hackerone.com/reports/1256371
🔹 Severity: Low
🔹 Reported To: HackerOne
🔹 Reported By: #iamr0000t
🔹 State: 🟢 Resolved
🔹 Disclosed: August 9, 2021, 8:03pm (UTC)
👉 https://hackerone.com/reports/1256371
🔹 Severity: Low
🔹 Reported To: HackerOne
🔹 Reported By: #iamr0000t
🔹 State: 🟢 Resolved
🔹 Disclosed: August 9, 2021, 8:03pm (UTC)
Tab nabbing in Hackerone inbox.
👉 https://hackerone.com/reports/1145563
🔹 Severity: Low | 💰 500 USD
🔹 Reported To: HackerOne
🔹 Reported By: #adhamsadaqah
🔹 State: 🟢 Resolved
🔹 Disclosed: August 9, 2021, 8:20pm (UTC)
👉 https://hackerone.com/reports/1145563
🔹 Severity: Low | 💰 500 USD
🔹 Reported To: HackerOne
🔹 Reported By: #adhamsadaqah
🔹 State: 🟢 Resolved
🔹 Disclosed: August 9, 2021, 8:20pm (UTC)
Password reset link not expiring after changing password in settings
👉 https://hackerone.com/reports/1288898
🔹 Severity: Low | 💰 250 USD
🔹 Reported To: Basecamp
🔹 Reported By: #blackbibin
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 6:58am (UTC)
👉 https://hackerone.com/reports/1288898
🔹 Severity: Low | 💰 250 USD
🔹 Reported To: Basecamp
🔹 Reported By: #blackbibin
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 6:58am (UTC)
Insecure Bundler configuration fetching internal Gems (okra) from Rubygems.org
👉 https://hackerone.com/reports/1104874
🔹 Severity: High | 💰 5,000 USD
🔹 Reported To: Basecamp
🔹 Reported By: #zofrex
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 7:12am (UTC)
👉 https://hackerone.com/reports/1104874
🔹 Severity: High | 💰 5,000 USD
🔹 Reported To: Basecamp
🔹 Reported By: #zofrex
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 7:12am (UTC)
Login session not expire
👉 https://hackerone.com/reports/1294231
🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Basecamp
🔹 Reported By: #blackbibin
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 8:08am (UTC)
👉 https://hackerone.com/reports/1294231
🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Basecamp
🔹 Reported By: #blackbibin
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 8:08am (UTC)
Password reset token leak on third party website via Referer header
👉 https://hackerone.com/reports/1177287
🔹 Severity: Medium
🔹 Reported To: UPchieve
🔹 Reported By: #n1had
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 3:20pm (UTC)
👉 https://hackerone.com/reports/1177287
🔹 Severity: Medium
🔹 Reported To: UPchieve
🔹 Reported By: #n1had
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 3:20pm (UTC)
Acronis True Image 2021 (windows) does not validate server hostname on a login TLS connection
👉 https://hackerone.com/reports/1070533
🔹 Severity: High | 💰 250 USD
🔹 Reported To: Acronis
🔹 Reported By: #aapo
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 6:02pm (UTC)
👉 https://hackerone.com/reports/1070533
🔹 Severity: High | 💰 250 USD
🔹 Reported To: Acronis
🔹 Reported By: #aapo
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 6:02pm (UTC)
Improper authorization on `/api/as/v1/credentials/` for Dev Role User with Limited Engine Access
👉 https://hackerone.com/reports/1218680
🔹 Severity: High | 💰 3,800 USD
🔹 Reported To: Elastic
🔹 Reported By: #superman85
🔹 State: 🟢 Resolved
🔹 Disclosed: August 3, 2021, 5:12pm (UTC)
👉 https://hackerone.com/reports/1218680
🔹 Severity: High | 💰 3,800 USD
🔹 Reported To: Elastic
🔹 Reported By: #superman85
🔹 State: 🟢 Resolved
🔹 Disclosed: August 3, 2021, 5:12pm (UTC)
[Swiftype] - Stored XSS via document field `url` triggers on `https://app.swiftype.com/engines/<engine>/document_types/<type>/documents/<id>`
👉 https://hackerone.com/reports/1245787
🔹 Severity: High | 💰 3,200 USD
🔹 Reported To: Elastic
🔹 Reported By: #superman85
🔹 State: 🟢 Resolved
🔹 Disclosed: August 3, 2021, 5:12pm (UTC)
👉 https://hackerone.com/reports/1245787
🔹 Severity: High | 💰 3,200 USD
🔹 Reported To: Elastic
🔹 Reported By: #superman85
🔹 State: 🟢 Resolved
🔹 Disclosed: August 3, 2021, 5:12pm (UTC)
Modify in-flight data to payment provider Smart2Pay
👉 https://hackerone.com/reports/1295844
🔹 Severity: Critical | 💰 7,500 USD
🔹 Reported To: Valve
🔹 Reported By: #drbrix
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 10:05pm (UTC)
👉 https://hackerone.com/reports/1295844
🔹 Severity: Critical | 💰 7,500 USD
🔹 Reported To: Valve
🔹 Reported By: #drbrix
🔹 State: 🟢 Resolved
🔹 Disclosed: August 10, 2021, 10:05pm (UTC)
Ratelimits do not apply to OCS DataResponse
👉 https://hackerone.com/reports/1214158
🔹 Severity: No Rating
🔹 Reported To: Nextcloud
🔹 Reported By: #lukasreschkenc
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:14am (UTC)
👉 https://hackerone.com/reports/1214158
🔹 Severity: No Rating
🔹 Reported To: Nextcloud
🔹 Reported By: #lukasreschkenc
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:14am (UTC)
Download of file with arbitrary extension via injection into attachment header
👉 https://hackerone.com/reports/1215263
🔹 Severity: Medium | 💰 125 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #foobar7
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:15am (UTC)
👉 https://hackerone.com/reports/1215263
🔹 Severity: Medium | 💰 125 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #foobar7
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:15am (UTC)
index.php/apps/files_sharing/shareinfo endpoint is not properly protected
👉 https://hackerone.com/reports/1173684
🔹 Severity: Medium | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:18am (UTC)
👉 https://hackerone.com/reports/1173684
🔹 Severity: Medium | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:18am (UTC)
public webdav endpoint not bruteforce protected
👉 https://hackerone.com/reports/1192159
🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:19am (UTC)
👉 https://hackerone.com/reports/1192159
🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #rtod
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:19am (UTC)
Bypass of privacy filter / tracking pixel blocker
👉 https://hackerone.com/reports/1215251
🔹 Severity: Medium | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #foobar7
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:21am (UTC)
👉 https://hackerone.com/reports/1215251
🔹 Severity: Medium | 💰 100 USD
🔹 Reported To: Nextcloud
🔹 Reported By: #foobar7
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:21am (UTC)
ApiService#fetch serves content as text/html and inline Content-Disposition
👉 https://hackerone.com/reports/1241460
🔹 Severity: No Rating
🔹 Reported To: Nextcloud
🔹 Reported By: #lukasreschkenc
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:22am (UTC)
👉 https://hackerone.com/reports/1241460
🔹 Severity: No Rating
🔹 Reported To: Nextcloud
🔹 Reported By: #lukasreschkenc
🔹 State: 🟢 Resolved
🔹 Disclosed: August 11, 2021, 9:22am (UTC)