NEW BOT Телеграм, страница

Bugpoint

HTML INJECTION FOUND ON https://adobedocs.github.io/analytics-1.4-apis/swagger-docs.html DUE TO OUTDATED SWAGGER UI

👉 https://hackerone.com/reports/1736466

🔹 Severity: Low
🔹 Reported To: Adobe
🔹 Reported By: #dreamer_eh
🔹 State: 🟢 Resolved
🔹 Disclosed: October 28, 2022, 7:18am (UTC)

👍1

288 views18:40

Bugpoint

Privilege Escalation to All-staff group

👉 https://hackerone.com/reports/1021460

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Lark Technologies
🔹 Reported By: #snapsec
🔹 State: 🟢 Resolved
🔹 Disclosed: October 28, 2022, 11:55pm (UTC)

262 views18:40

Bugpoint

Accessing/Editing Folders of Other Users in the Orginisation.

👉 https://hackerone.com/reports/1025881

🔹 Severity: High | 💰 1,000 USD
🔹 Reported To: Lark Technologies
🔹 Reported By: #snapsec
🔹 State: 🟢 Resolved
🔹 Disclosed: October 29, 2022, 12:56am (UTC)

151 views18:40

Bugpoint

Cross-site Scripting (XSS) - Reflected

👉 https://hackerone.com/reports/1183336

🔹 Severity: Medium
🔹 Reported To: MTN Group
🔹 Reported By: #lu3ky-13
🔹 State: 🟢 Resolved
🔹 Disclosed: October 30, 2022, 9:54pm (UTC)

151 views18:40

Bugpoint

Cross-Site Request Forgery (CSRF) to xss

👉 https://hackerone.com/reports/1183241

🔹 Severity: Medium
🔹 Reported To: MTN Group
🔹 Reported By: #lu3ky-13
🔹 State: 🟢 Resolved
🔹 Disclosed: October 30, 2022, 9:54pm (UTC)

146 views18:40

Bugpoint

XSS in SocialIcon Link

👉 https://hackerone.com/reports/1698652

🔹 Severity: High | 💰 2,500 USD
🔹 Reported To: Linktree
🔹 Reported By: #sudi
🔹 State: 🟢 Resolved
🔹 Disclosed: October 31, 2022, 4:04am (UTC)

138 views18:40

Bugpoint

Authentication bypass for ███ leads to take over any users account.

👉 https://hackerone.com/reports/1608151

🔹 Severity: Critical | 💰 5,000 USD
🔹 Reported To: Krisp
🔹 Reported By: #n0_m3rcy
🔹 State: 🟢 Resolved
🔹 Disclosed: October 31, 2022, 5:56pm (UTC)

125 views18:40

Bugpoint

IDOR in API applications (able to see any API token, leads to account takeover)

👉 https://hackerone.com/reports/1695454

🔹 Severity: Critical | 💰 500 USD
🔹 Reported To: Automattic
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: November 1, 2022, 10:46pm (UTC)

122 views18:40

Bugpoint

Stored XSS in intensedebate.com via the Comments RSS

👉 https://hackerone.com/reports/1664914

🔹 Severity: Medium | 💰 150 USD
🔹 Reported To: Automattic
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: November 2, 2022, 9:20am (UTC)

121 views18:40

Bugpoint

CVE-2022-42916: HSTS bypass via IDN

👉 https://hackerone.com/reports/1753226

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #kurohiro
🔹 State: 🟢 Resolved
🔹 Disclosed: November 3, 2022, 12:19am (UTC)

110 views18:40

Bugpoint

Archived / Deleted / Private Poll Can Be Viewed by Another Users [Crowdsignal WordPress plugins]

👉 https://hackerone.com/reports/1711318

🔹 Severity: Low | 💰 100 USD
🔹 Reported To: Automattic
🔹 Reported By: #apapedulimu
🔹 State: 🟢 Resolved
🔹 Disclosed: November 3, 2022, 11:41am (UTC)

105 views18:40

Bugpoint

Command injection in GitHub Actions ContainerStepHost

👉 https://hackerone.com/reports/1637621

🔹 Severity: No Rating | 💰 4,000 USD
🔹 Reported To: GitHub
🔹 Reported By: #jupenur
🔹 State: 🟢 Resolved
🔹 Disclosed: November 3, 2022, 3:33pm (UTC)

109 views18:40

Bugpoint

RepositoryPipeline allows importing of local git repos

👉 https://hackerone.com/reports/1685822

🔹 Severity: Medium | 💰 22,300 USD
🔹 Reported To: GitLab
🔹 Reported By: #vakzz
🔹 State: 🟢 Resolved
🔹 Disclosed: November 4, 2022, 3:43am (UTC)

102 views18:40

Bugpoint

DOS via move_issue

👉 https://hackerone.com/reports/1543584

🔹 Severity: Medium | 💰 2,300 USD
🔹 Reported To: GitLab
🔹 Reported By: #legit-security
🔹 State: 🟢 Resolved
🔹 Disclosed: November 4, 2022, 3:44am (UTC)

98 views18:40

Bugpoint

Path paths and file disclosure vulnerabilities at influxdb.quality.gitlab.net

👉 https://hackerone.com/reports/1643962

🔹 Severity: Low | 💰 100 USD
🔹 Reported To: GitLab
🔹 Reported By: #otoyyy
🔹 State: 🟢 Resolved
🔹 Disclosed: November 4, 2022, 3:46am (UTC)

96 views18:40

Bugpoint

DOS via issue preview

👉 https://hackerone.com/reports/1543718

🔹 Severity: High | 💰 7,640 USD
🔹 Reported To: GitLab
🔹 Reported By: #legit-security
🔹 State: 🟢 Resolved
🔹 Disclosed: November 4, 2022, 3:47am (UTC)

103 views18:40

Bugpoint

CSS Injection via Client Side Path Traversal + Open Redirect leads to personal data exfiltration on Acronis Cloud

👉 https://hackerone.com/reports/1245165

🔹 Severity: Medium | 💰 250 USD
🔹 Reported To: Acronis
🔹 Reported By: #mr-medi
🔹 State: 🟢 Resolved
🔹 Disclosed: November 4, 2022, 7:38pm (UTC)

106 views18:40

Bugpoint

CVE-2022-35252: control code in cookie denial of service

👉 https://hackerone.com/reports/1686935

🔹 Severity: Low | 💰 480 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #haxatron1
🔹 State: 🟢 Resolved
🔹 Disclosed: November 5, 2022, 2:50pm (UTC)

94 views18:40

Bugpoint

Completely remove VPN profile from locked WARP iOS cient.

👉 https://hackerone.com/reports/1633231

🔹 Severity: High | 💰 1,000 USD
🔹 Reported To: Cloudflare Public Bug Bounty
🔹 Reported By: #joshatmotion
🔹 State: 🟢 Resolved
🔹 Disclosed: November 7, 2022, 10:59am (UTC)

89 views18:40

Bugpoint

Bypass Cloudflare WARP lock on iOS.

👉 https://hackerone.com/reports/1542450

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: Cloudflare Public Bug Bounty
🔹 Reported By: #joshatmotion
🔹 State: 🟢 Resolved
🔹 Disclosed: November 7, 2022, 11:02am (UTC)

90 views18:40

Bugpoint

I found another way to bypass Cloudflare Warp lock!

👉 https://hackerone.com/reports/1605847

🔹 Severity: High | 💰 1,000 USD
🔹 Reported To: Cloudflare Public Bug Bounty
🔹 Reported By: #joshatmotion
🔹 State: 🟢 Resolved
🔹 Disclosed: November 7, 2022, 11:02am (UTC)

97 views18:41

About

Blog

Apps

Platform