Race condition via project team member invitation system\. https://hackerone.com/reports/1108291 Disclosed at: 2022-06-17 08:44:28 UTC+0 Created at: 2021-02-21 13:33:54 UTC+0
curl "globbing" can lead to denial of service attacks https://hackerone.com/reports/1572120 Disclosed at: 2022-06-16 15:14:32 UTC+0 Created at: 2022-05-16 15:19:36 UTC+0
CSRF \(protection bypassed\) to force a below 18 user into viewing an nsfw subreddit \! https://hackerone.com/reports/1480569 Disclosed at: 2022-06-16 04:27:02 UTC+0 Created at: 2022-02-14 09:59:51 UTC+0
XSS STORED at https://webcast\.tiktokv\.com/ Via Create Live Event in \`Description\` Form https://hackerone.com/reports/1542703 Disclosed at: 2022-06-16 01:58:09 UTC+0 Created at: 2022-04-16 15:59:27 UTC+0
Delete direct message history without access the proper conversation\_id https://hackerone.com/reports/1487804 Disclosed at: 2022-06-15 20:01:04 UTC+0 Created at: 2022-02-21 19:34:29 UTC+0
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more su https://hackerone.com/reports/1591504 Disclosed at: 2022-06-15 18:18:31 UTC+0 Created at: 2022-06-05 05:14:29 UTC+0