BCM Messenger - HackerOne Reports
View on HackerOne3
Total Reports
0
Critical
0
High
1
Medium
1
Low
Account Takeover with old password and login QR
Reported by:
namunah
|
Disclosed:
Weakness: Improper Authentication - Generic
API - Amazon S3 bucket misconfiguration
Reported by:
c37m
|
Disclosed:
Medium
Weakness: Improper Access Control - Generic
IDOR leading to downloading of any attachment
Reported by:
naaash
|
Disclosed:
Low
Weakness: Violation of Secure Design Principles