Algolia - HackerOne Reports
Total Reports: 25
Critical: 0
High: 2
Medium: 9
Low: 2
RCE on facebooksearch.algolia.com
Reported by: michiel | Disclosed:
Weakness: Code Injection
Bounty: $500.00
An “algobot”-s GitHub access token was leaked
Reported by: sainaen | Disclosed:
Medium
Weakness: Information Disclosure
Bounty: $100.00
[github.algolia.com] DOM Based XSS github-btn.html
Reported by: bobrov | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Generic
Bounty: $100.00
PHP-FPM status page disclosure
Reported by: iamthefrogy | Disclosed:
Low
Weakness: Information Disclosure
Directory traversal at https://msg.algolia.com
Reported by: n00bsec | Disclosed:
Medium
Weakness: Path Traversal
[github.algolia.com] XSS
Reported by: bogdantcaciuc | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
subdomain take over at recommendation.algolia.com
Reported by: badcracker | Disclosed:
Medium
Weakness: Violation of Secure Design Principles
No Rate Limit In Inviting Similar Contact Multiple Times
Reported by: rajauzairabdullah | Disclosed:
Weakness: Cryptographic Issues - Generic
Bounty: $100.00
Reflected XSS
Reported by: no_thing | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
email verification bypass
Reported by: akashhamal0x01 | Disclosed:
Medium
Weakness: Improper Authentication - Generic
Web Cache Deception vulnerability on algolia.com leads to personal information leakage
Reported by: golim | Disclosed:
Medium
Weakness: Violation of Secure Design Principles
Bounty: $400.00
Hyperlink Injection in Friend Invitation Emails
Reported by: corb3nik | Disclosed:
Weakness: Open Redirect
Bounty: $100.00
Possible Sub Domain takeover at prestashop.algolia.com
Reported by: punkrock | Disclosed:
Stored xss
Reported by: rishi62 | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
Unauthorized team members can leak information and see all API calls through /1/admin/* endpoints, even after they have been removed.
Reported by: eboda | Disclosed:
Weakness: Improper Authentication - Generic
Bounty: $400.00
Stored XSS from Display Settings triggered on Save and viewing realtime search demo
Reported by: ctee | Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
[GitHub Extension] Unsanitised HTML leading to XSS on GitHub.com
Reported by: ysx | Disclosed:
High
Weakness: Cross-site Scripting (XSS) - DOM
Information disclosure via a misconfigured third-party product
Reported by: h4x0r_dz | Disclosed:
High
Weakness: Information Disclosure
Web Cache Deception Attack (XSS)
Reported by: testingforbugs | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Information disclosure -> 2fa bypass -> POST exploitation
Reported by: akashhamal0x01 | Disclosed:
Medium
Weakness: Information Disclosure
Page 1 of 2