HackerOne Reports
Search through disclosed security reports
10,350 reports found
Showing 1581 - 1600
Hello guys. I would like to share with you my discovery. The fact is that at: > https://www.rockstargames.com/gta/game/highscores.cgi Anyone can see the source code of the script {F166966} check please Regards @d1v3r
Hello team, I observed that your website https://nextcloud.com still use wordpress 4.7.2 Version 4.7.2 of wordpress is vulnerable to : Cross-site scripting (XSS) Control characters can trick redirect URL validation Cross-site scripting (XSS) via video URL in YouTube embeds Cross-site scripting (XSS) via taxonomy term names Cross-site request forgery (CSRF) …
### Description: The given URL fails to validate Origin header- leading to Cross-Site WebSocket Hijacking. ### Impact: The impact, however, depends on how the server is configured. For example, it might require an authentication token which are user specific. In such cases, it might not be as sever as it …
Good day :) Hope it goes well, an open redirect exists on the main xmpp.nextcloud.com domain allowing "bad hackers" to do bad things :) Poc https://xmpp.nextcloud.com///;@www.google.com May you be well on your side of the screen :) -Eric
Dear GitLab bug bounty team, # Summary --- Gitlab.com is vulnerable to reverse tabnabbing, since you use `target="_blank"` on links in the *Environments* section. {F166659} # Why does this vulnerability exist? --- The following `<a href="https://example.com/" target="_blank">link</a>` is vulnerable to reverse tabnabbing, because it uses `target="_blank"`: ~~~ <a target="_blank" class="btn …
1. Go to https://www.khanacademy.org/signup and signup as learner keeping date of birth below 13 years. {F1821117} 2. Now keep victims email as parent's email for example here I am keeping [email protected] as parents email and click on signup. ████ 3. Now you will see a following message "Your parent or …
It was observed that the application is vulnerable to cross-site scripting (XSS). XSS is a type of attack that involves running a malicious scripts on a victim’s browser. request.txt attacked poc attached ## Impact Cookie Stealing - A malicious user can steal cookies and use them to gain access to …
I have submitted a vulnerability that has now been fixed. The report includes a proof of concept that demonstrates code execution. The submitted patch was accepted with minor changes. https://bugs.python.org/issue28275 --- Python 3.5.2 suffers from a use after free vulnerability caused by the behavior of the LZMADecompressor.decompress method. The problem …
Full Node.js Security Releases - summarizing the issue is here:https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/ The original Node.js HackerOne report is here: https://hackerone.com/bugs?report_id=1447455 ----- Node.js versions earlier than 16.16.0 (LTS) and 14.20.0 are vulnerable to dynamic link library (DLL) hijacking. Attackers can exploit this vulnerability to escalate their privileges and establish persistence in a target …
Apache Airflow Docker's Provider shipped with an example DAG that was vulnerable to (authenticated) remote code exploit of code on the Airflow worker host. ##Vulnerability summary: In DAG script of airflow 2.3.3, there is a command injection vulnerability (RCE) in the script (example_docker_copy_data.py of docker provider), which can obtain the …
Not sure if this will qualify but it may impact a pretty broad audience given the fact that putty code is part of many other apps (filezilla, ...) and it is the defacto standalone ssh client for windows administrators (besides openssh cygwin) putty <= 0.66; affects putty versions dating back …
Details can be found in the following github advisory: https://github.com/electron/electron/security/advisories/GHSA-mq8j-3h7h-p8g7 ## Impact Using a renderer exploit, context isolation and nodeIntegrationInSubFrames can be disabled, which enables an attacker to leak IPC module and communicate with the more privileged main process which might eventually lead to Remote Code Execution if there are …
Hey Team I have some observations and issues which i found in my recent testing on h1 platform ( related to creation of a new private program ), So here are my observations listed below - kindly have a look and revert back if you feel like these are valid …
Description Remote attackers are able to retrieve a valid working api key with random Generation Process without a secure parsing or secure channel , human verification ..etc . the current proccess for requesting any api key is with signup form , and message with api delivered privately to user , …