REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Reddit'
disclosed a bug submitted by
b'yashrs'
b'Race condition leads to Inflation of coins when bought via Google Play Store at endpoint https://oauth.reddit.com/api/v2/gold/android/verify_purchase '
27 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'trieulieuf9'
b'Outsider can affect Upvote Percentage of private subreddit post by calling /api/vote API'
27 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'moblig'
b"Image queue default key of 'None' and GraphQL unhandled type exception"
27 Oct 2021
b'XVIDEOS'
disclosed a bug submitted by
b'ch1ck3n42'
b'Script breaking tag (Forces website to render blank) (Informative)'
23 Oct 2021
b'TikTok'
disclosed a bug submitted by
b'arifmkhls'
b'XSS on tiktok.com'
23 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'jessforfun'
b'[Java] CWE-552: Unsafe url forward'
22 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics'
22 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'jessforfun'
b'[Python]: CWE-117 Log Injection '
22 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java] CWE-502: Unsafe deserialization with three JSON frameworks'
22 Oct 2021
b'Lacework'
disclosed a bug submitted by
b'spyata'
b'Broken link profile in the website leads to identity theft.'
22 Oct 2021
b'TikTok'
disclosed a bug submitted by
b'sh1yo'
b'Reflected XSS in TikTok endpoints'
22 Oct 2021
b'Slack'
disclosed a bug submitted by
b'kmap'
b'Misuse of groups feature allows workspace members to join private channels without being invited'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'dinesh07'
b'S3 bucket Upload on studio.redditinc.com (s3-r-w.ap-east-1.amazonaws.com)'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'ianonavy'
b'GPS metadata preserved when converting HEIF to PNG'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'kedibeauty'
b'Broken Authendication And Session Management'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'hasnain_123'
b'Vulnerability Name: URL Redirection / Unvalidate Open Redirect'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'ravitejag'
b'User Account has been taken out'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'himan253'
b'critical file found etc/passwd on www.reddit.com'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'shylo'
b' XSS'
21 Oct 2021
b'Reddit'
disclosed a bug submitted by
b'shylo'
b'Oauth Misconfiguration Lead To Account Takeover'
21 Oct 2021
1
...
194
195
196
197
198
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM