HackerOne Reports
Search through disclosed security reports
10,350 reports found
Showing 121 - 140
Hi, Though passwords reset links cannot be used more than once but I found a case where one could do so. ##Reproduction Steps 1. Request a Password Reset on demo.weblate.org 2. Click the reset link in email 3. Enter a new password 4. Click `Set my password` 5. Then you'll …
Summary ========== The /bridge/admin/skyport/install endpoint, as well as some of the endpoints around it, are vulnerable to Cross-Site Request Forgery. Description ========= The functions in src/Cabin/Bridge/Controller/Skyport.php in the Airship project appear to all be vulnerable to Cross-Site Request Forgery. I would have put this as a high, but from my …
I've been exploring the industry-wide scope of the use of HTTP to resolve dependencies in build infrastructure across the industry. What I unearthed was that some of the most popular libraries and two compilers were impacted by this vulnerability. ## Vulnerability [CWE-829: Inclusion of Functionality from Untrusted Control Sphere](https://cwe.mitre.org/data/definitions/829.html) [CWE-494: …
## Summary: [add summary of the vulnerability] Curl can be coaxed to leak user credentials to third-party host by issuing HTTP redirect. ## Steps To Reproduce: [add details for how we can reproduce the issue] 1.Create a 302.php file, such as: ``` <?php header("Location: http://a.com:8000"); ?> ``` Add the 2 …
The page includes one or more script files from a third-party domain. XSSI is a fancy way of saying: you are including in your program, someone elses code; You don't have any control over what is in that code, and you don't have any control over the security of the …
*Note*: According to https://www.securityweek.com/kaspersky-adds-password-manager-bug-bounty-program and some other sources, Kaspersky Password Manager is in scope for this program. The program description doesn't reflect this however. **Summary** There is a stored XSS vulnerability in popover.html (the page being displayed as browser action pop-up in the Kaspersky Password Manager browser extension) via user …
By uploading and image with the title of ``` "><svg onload=alert(1)>.jpg``` and allowing anyone to edit the Document under collaboration settings, XSS can be triggered by any user attempting to edit the document. POC ==== 1. Log into marketplace and go to profile page. Select New > Document 2. Choose …
Hi Team, **Summary:** I have found an Insufficient Session Expiration on implementation of the new `Revoke user session` feature of HackerOne here: https://hackerone.com/settings/sessions **Description:** The new __REVOKE__ session feature will destroy the session of the selected device, that means any request that requires authorization should not work (`POST`, `GET`) __BUT__ …
Reported to the project maintainers in 2016. Regardless of CVE-2016-8575 q933_print() still could overread the buffer trying to parse a short packet. Fixed by https://github.com/the-tcpdump-group/tcpdump/commit/c39c1d99ac3b6d5d9519b39da6717180651650d3.
Introduction ============ Provided PoC segfaults at mrb_obj_instance_eval due to null pointer dereference. Proof of concept ================ Attached the poc. Crash report ============ ``` ./sandbox eval.rb ./sandbox:20: [BUG] Segmentation fault at 0x00000000000003 ruby 2.3.1p112 (2016-04-26) [x86_64-linux-gnu] -- Control frame information ----------------------------------------------- c:0003 p:---- s:0010 e:000009 CFUNC :sandbox_eval c:0002 p:0201 s:0005 E:000ef8 …