Coinbase - HackerOne Reports
View on HackerOne33
Total Reports
3
Critical
0
High
1
Medium
9
Low
CSRF bug on password change
Reported by:
dark_heaven
|
Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
Csrf bug on signup session
Reported by:
dark_heaven
|
Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
Inaccurate Payment receipt
Reported by:
dpgribkov
|
Disclosed:
Window.opener bug at www.coinbase.com
Reported by:
punkrock
|
Disclosed:
Bounty: $100.00
Double Payout via PayPal
Reported by:
dawgyg
|
Disclosed:
Critical
Weakness: Business Logic Errors
Bounty: $10000.00
Open redirect on sign in
Reported by:
dark_heaven
|
Disclosed:
Low
Weakness: Open Redirect
X-Frame-Options
Reported by:
dark_heaven
|
Disclosed:
Weakness: UI Redressing (Clickjacking)
window.opener is leaking to external domains upon redirect on Safari
Reported by:
cablej
|
Disclosed:
Weakness: Violation of Secure Design Principles
Information disclosure of user by email using buy widget
Reported by:
cablej
|
Disclosed:
Medium
Weakness: Information Disclosure
User provided values passed to PHP unset() function
Reported by:
paulos__
|
Disclosed:
Weakness: Type Confusion
Information leakage on https://docs.gdax.com
Reported by:
0xorigin
|
Disclosed:
Weakness: Information Disclosure
Bounty: $100.00
Stored CSS Injection
Reported by:
cablej
|
Disclosed:
Weakness: Resource Injection
Information disclosure same issue #176002
Reported by:
jobertevans
|
Disclosed:
Low
Bounty: $100.00
Previous
Page 2 of 2