Channel address:
Categories:
Technologies
Language: English
Subscribers:
1.23K
Description from channel
Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣
Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback
#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
1
4 stars
0
3 stars
0
2 stars
0
1 stars
1
The latest Messages 21
2022-04-22 03:44:02
Bypass of fix #1370749 https://hackerone.com/reports/1489077
Severity: Low |
900 USD Reported To: Shopify
Reported By: #encryptsaan123
State: Resolved
Disclosed: April 22, 2022, 12:41am (UTC)
124 views00:44
2022-04-22 01:40:02
After changing the storefront password, the preview link is still valid https://hackerone.com/reports/1370749
Severity: Low |
900 USD Reported To: Shopify
Reported By: #tomorrow_future
State: Resolved
Disclosed: April 21, 2022, 10:38pm (UTC)
137 views22:40
2022-04-22 01:12:03
Open redirect by the parameter redirectUri in the URL https://hackerone.com/reports/1250758
Severity: Low
Reported To: BlackRock
Reported By: #mrccrqr
State: Resolved
Disclosed: April 21, 2022, 10:10pm (UTC)
134 views22:12
2022-04-22 01:08:03
[h1-2102] [Plus] User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only https://hackerone.com/reports/1084892
Severity: Medium |
1,900 USD Reported To: Shopify
Reported By: #ngalog
State: Resolved
Disclosed: April 21, 2022, 10:05pm (UTC)
126 views22:08
2022-04-22 01:08:02
[h1-2102] [Plus] User with Store Management Permission can Make convertUsersFromSaml/convertUsersToSaml - that should be limited to User Management https://hackerone.com/reports/1084904
Severity: Medium |
1,900 USD Reported To: Shopify
Reported By: #ngalog
State: Resolved
Disclosed: April 21, 2022, 10:05pm (UTC)
118 views22:08
2022-04-22 01:06:02
[h1-2102] [PLUS] User with Store Management Permission can Make enforceSamlOrganizationDomains call - that should be limited to User Management Only https://hackerone.com/reports/1084939
Severity: Medium |
1,900 USD Reported To: Shopify
Reported By: #ngalog
State: Resolved
Disclosed: April 21, 2022, 10:05pm (UTC)
120 views22:06
2022-04-21 23:36:02
User with no Develop apps permission can Uninstall Custom App https://hackerone.com/reports/1466855
Severity: Low |
600 USD Reported To: Shopify
Reported By: #ayyoub
State: Resolved
Disclosed: April 21, 2022, 8:33pm (UTC)
135 views20:36
2022-04-21 22:08:02
[h1-2102] Improper Access Control at https://shopify.plus/[id]/users/api in operation UpdateOrganizationUserRole https://hackerone.com/reports/1084638
Severity: Medium |
950 USD Reported To: Shopify
Reported By: #ramsexy
State: Resolved
Disclosed: April 21, 2022, 7:06pm (UTC)
155 views19:08
2022-04-21 21:56:02
Same the Url https://hackerone.com/reports/1459338
Severity: No Rating |
500 USD Reported To: Shopify
Reported By: #4bel
State: Resolved
Disclosed: April 21, 2022, 6:54pm (UTC)
167 views18:56
2022-04-21 18:40:02
curl proceeds with unsafe connections when -K file can't be read https://hackerone.com/reports/1542881
Severity: High
Reported To: curl
Reported By: #medianmedianstride
State: Informative
Disclosed: April 21, 2022, 3:38pm (UTC)
178 views15:40
B
