Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

Glassdoor - HackerOne Reports

View on HackerOne

33

Total Reports

3

Critical

6

High

17

Medium

6

Low

HTML Injection in Glassdoor job sharing emails

Reported by: jackb898 | Disclosed:

Weakness: Phishing

CSS injection via link tag whitelisted-domain bypass - https://www.glassdoor.com

Reported by: zonduu | Disclosed:

Low

Reflected XSS on https://www.glassdoor.com/job-listing/spotlight

Reported by: vestige23 | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

XSS at https://www.glassdoor.com/Salary/* via filter.jobTitleExact

Reported by: bendtheory | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Generic

Web Cache Poisoning leads to XSS and DoS

Reported by: nokline | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

Web Cache Poisoning leads to Stored XSS

Reported by: bombon | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

[XSS] Reflected XSS via POST request in (editJobAlert.htm) file

Reported by: flex0geek | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Open redirect on https://www.glassdoor.com/profile/siwa.htm via state parameter

Reported by: 0x7 | Disclosed:

Low

Weakness: Open Redirect

Cache Poisoning allows redirection on JS files

Reported by: youstin | Disclosed:

High

Weakness: Cross-site Scripting (XSS) - Stored

Reflected XSS on https://help.glassdoor.com/GD_HC_EmbeddedChatVF

Reported by: l0cpd | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS at https://www.glassdoor.com/Interview/Accenturme-Interview-Questions-E9931.htm via filter.jobTitleFTS parameter

Reported by: n1xk_10 | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

[https://www.glassdoor.com] - Web Cache Deception Leads to gdtoken Disclosure

Reported by: bombon | Disclosed:

High

Weakness: Information Disclosure

Reflected XSS on https://www.glassdoor.com/parts/header.htm

Reported by: 0x7 | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

2FA bypass by sending blank code

Reported by: safehacker_2715 | Disclosed:

High

Weakness: Improper Authentication - Generic

XSS in http://www.glassdoor.com/Search/results.htm via Parameter Pollution

Reported by: nokline | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Reflected XSS on https://www.glassdoor.com/employers/sem-dual-lp/

Reported by: parzel | Disclosed:

Medium

Weakness: Cross-site Scripting (XSS) - Reflected

Access to Glassdoor's Infra (AWS) and BitBucket account through leaked repo

Reported by: prateek_0490 | Disclosed:

Critical

Weakness: Information Disclosure

CSRF in Demographic Settings with valid gdtoken of other account

Reported by: turb0h4x | Disclosed:

Low

Weakness: Cross-Site Request Forgery (CSRF)

IDOR Vulnerability in Job Preferences

Reported by: root_geek280 | Disclosed:

Low

Weakness: Insecure Direct Object Reference (IDOR)

Unauthorized Access to Deleted Interviews on Glassdoor Platform

Reported by: capablanca0 | Disclosed:

Low

Weakness: Insecure Direct Object Reference (IDOR)

Page 1 of 2 Next