Bypass report submit restriction/ban using the API key 2023-10-29 19:23:39 | 阅读: 7 | 收藏 | HackerOne Hacker Activity - hackerone.com

Security bug https://bugzilla.mozilla.org/oauth/authorize - CRLF Header injection via "redirect_uri" parameter 2023-10-28 22:57:49 | 阅读: 7 | 收藏 | HackerOne Hacker Activity - hackerone.com

Password and mail address stored unencrypted in memory - Rockstar Game Launcher 2023-10-28 05:10:26 | 阅读: 8 | 收藏 | HackerOne Hacker Activity - hackerone.com

CVE-2023-40611: Apache Airflow Dag Runs Broken Access Control Vulnerability 2023-10-27 23:8:33 | 阅读: 3 | 收藏 | HackerOne Hacker Activity - hackerone.com

Unauthorized Access to Deleted Interviews on Glassdoor Platform 2023-10-27 22:58:50 | 阅读: 3 | 收藏 | HackerOne Hacker Activity - hackerone.com

Race condition in up voting and down voting 2023-10-27 22:7:16 | 阅读: 5 | 收藏 | HackerOne Hacker Activity - hackerone.com

Possibility of Deface through translation tool - www.mozilla.com 2023-10-27 16:48:29 | 阅读: 6 | 收藏 | HackerOne Hacker Activity - hackerone.com

RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field 2023-10-26 18:7:49 | 阅读: 3 | 收藏 | HackerOne Hacker Activity - hackerone.com

Flickr API key leaked in GitHub commit 2023-10-26 16:30:24 | 阅读: 3 | 收藏 | HackerOne Hacker Activity - hackerone.com

Unreleased Hackerone Copilot is vulnerable to IDOR 2023-10-26 07:17:15 | 阅读: 17 | 收藏 | HackerOne Hacker Activity - hackerone.com

Code inject via nginx.ingress.kubernetes.io/permanent-redirect annotation 2023-10-26 06:46:43 | 阅读: 11 | 收藏 | HackerOne Hacker Activity - hackerone.com

Improper Access Control allows OTP bypass 2023-10-26 06:35:25 | 阅读: 10 | 收藏 | HackerOne Hacker Activity - hackerone.com

Search input is vulnerable for XSS in qa.td.com and dev.td.com 2023-10-26 01:54:36 | 阅读: 8 | 收藏 | HackerOne Hacker Activity - hackerone.com

Accessing apps protected via ZT's Access when user account is deleted/disabled even after clearing user session/seat 2023-10-25 23:2:46 | 阅读: 7 | 收藏 | HackerOne Hacker Activity - hackerone.com

New Search Feature: Search for non-public words in limited disclosure reports 2023-10-25 22:51:19 | 阅读: 6 | 收藏 | HackerOne Hacker Activity - hackerone.com

Blind SSRF on https://my.exnessaffiliates.com/ allows for internal network enumeration 2023-10-25 21:10:0 | 阅读: 6 | 收藏 | HackerOne Hacker Activity - hackerone.com

Hacker email disclosed on submission at hackerone hactivity 2023-10-24 17:49:58 | 阅读: 5 | 收藏 | HackerOne Hacker Activity - hackerone.com

Information Disclosure FrontPage Configuration Information 2023-10-21 01:14:8 | 阅读: 8 | 收藏 | HackerOne Hacker Activity - hackerone.com

After the upload of an private file, using transformations, the file becomes public without the possibility of changing it. 2023-10-20 17:37:30 | 阅读: 4 | 收藏 | HackerOne Hacker Activity - hackerone.com

HTML Injection at https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/user/unsubscribe 2023-10-20 17:32:12 | 阅读: 8 | 收藏 | HackerOne Hacker Activity - hackerone.com