Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Alliance of American Football - HackerOne Reports

View on HackerOne

2

Total Reports

0

Critical

2

High

0

Medium

0

Low

attacker can book unlimited tickets in free at https://aaf.com/checkout/order-received/21237/?key=wc_order_5bbef48fa35b2

Reported by: gujjuboy10x00 | Disclosed:

High

Weakness: Business Logic Errors

Stored xss in address field in billing activity at https://shop.aaf.com/Order/step1/index.cfm

Reported by: gujjuboy10x00 | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored