Greenhouse.io - HackerOne Reports
View on HackerOne10
Total Reports
0
Critical
2
High
4
Medium
2
Low
Debug information disclosure on oauth-redirector.services.greenhouse.io
Reported by:
ajxchapman
|
Disclosed:
Medium
Weakness: Information Exposure Through Debug Information
Content Spoofing on link.greenhouse.io
Reported by:
0xorigin
|
Disclosed:
Weakness: Violation of Secure Design Principles
DoS through cache poisoning using invalid HTTP parameters
Reported by:
irvinlim
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Open Redirect in <customer>.greenhouse.io
Reported by:
cyneox
|
Disclosed:
High
Weakness: Open Redirect
[greenhouse.io] CRLF Injection / Insecure nginx configuration
Reported by:
bobrov
|
Disclosed:
Subdomain Takeover on demo.greenhouse.io pointing to unbouncepages
Reported by:
ninadmathpati
|
Disclosed:
High
Weakness: Phishing
SSH port on store.greenhouse.io is vulnerable to brute force attacks
Reported by:
lonelyhuman
|
Disclosed:
Low
Weakness: Improper Restriction of Authentication Attempts
Cache poisoning using NULL bytes and long URLs
Reported by:
irvinlim
|
Disclosed:
Medium
Weakness: Improper Null Termination
Open S3 Bucket Accessible by any Aws User
Reported by:
kartarkat
|
Disclosed:
Low
Weakness: Improper Access Control - Generic
Bounty: $100.00
Bypass of request line length limit to DoS via cache poisoning
Reported by:
irvinlim
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption