Channel address:
Categories:
Technologies
Language: English
Subscribers:
1.23K
Description from channel
Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣
Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback
#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
1
4 stars
0
3 stars
0
2 stars
0
1 stars
1
The latest Messages 2
2022-08-31 15:01:02
CVE-2022-35252: control code in cookie denial of service https://hackerone.com/reports/1613943
Severity: Low
Reported To: curl
Reported By: #haxatron1
State: Resolved
Disclosed: August 31, 2022, 10:55am (UTC)
165 views12:01
2022-08-31 14:45:02
Blind SSRF on platform.dash.cloudflare.com Due to Sentry misconfiguration https://hackerone.com/reports/1467044
Severity: Low |
200 USD Reported To: Cloudflare Public Bug Bounty
Reported By: #lohigowda
State: Resolved
Disclosed: August 31, 2022, 10:54am (UTC)
157 views11:45
2022-08-30 21:27:02
TikTok's pixel/sdk.js leaks current URL from websites using postMessage https://hackerone.com/reports/1598749
Severity: Medium |
1,500 USD Reported To: TikTok
Reported By: #fransrosen
State: Resolved
Disclosed: August 30, 2022, 6:25pm (UTC)
188 views18:27
2022-08-29 21:35:03
weak protection against brute-forcing on login api leads to account takeover https://hackerone.com/reports/766875
Severity: Critical
Reported To: Palo Alto Software
Reported By: #zer0code
State: Resolved
Disclosed: August 29, 2022, 6:23pm (UTC)
220 views18:35
2022-08-26 23:26:02
Privilege Escalation - "Analyst" Role Can View Email Domains of a Company - [GET /voyager/api/voyagerOrganizationDashEmailDomainMappings] https://hackerone.com/reports/1572591
Severity: Medium |
500 USD Reported To: LinkedIn
Reported By: #naaash
State: Resolved
Disclosed: August 26, 2022, 6:38pm (UTC)
125 views20:26
2022-08-25 22:56:03
Unauthorized access https://hackerone.com/reports/1669176
Severity: Medium
Reported To: GitLab
Reported By: #mega7
State: Informative
Disclosed: August 25, 2022, 2:14pm (UTC)
183 views19:56
2022-08-25 22:56:02
Non-revoked API Key Information disclosure via Stripo_report() https://hackerone.com/reports/1613714
Severity: Medium
Reported To: Stripo Inc
Reported By: #deb0con
State: Resolved
Disclosed: August 25, 2022, 11:05am (UTC)
165 views19:56
2022-08-25 22:55:06
Default Login Credentials on https://broadbandmaps.mtn.com.gh/ https://hackerone.com/reports/1297480
Severity: Critical
Reported To: MTN Group
Reported By: #theranger
State: Resolved
Disclosed: August 25, 2022, 11:05am (UTC)
149 views19:55
2022-08-25 22:55:05
Pause-based desync in Apache HTTPD https://hackerone.com/reports/1667974
Severity: High |
4,000 USD Reported To: Internet Bug Bounty
Reported By: #albinowax
State: Resolved
Disclosed: August 25, 2022, 7:02am (UTC)
141 views19:55
2022-08-25 22:55:02
NordVPN Linux Client - Unsafe service file permissions leads to Local Privilege Escalation https://hackerone.com/reports/1218523
Severity: Medium |
700 USD Reported To: Nord Security
Reported By: #bashketchum
State: Resolved
Disclosed: August 24, 2022, 6:48pm (UTC)
133 views19:55