Inflection - HackerOne Reports
Total Reports: 24
Critical: 0
High: 4
Medium: 5
Low: 4

Open Redirect
Reported by: malcolmx | Disclosed:
Severity: Medium
Weakness: Open Redirect

Limited Account Takeover via Backup codes
Reported by: gopalsingh27 | Disclosed:

Identity Login Page Redirect Can Be Manipulated
Reported by: malcolmx | Disclosed:
Severity: High
Weakness: Open Redirect

Clickjacking on https://www.goodhire.com/api
Reported by: tolo7010 | Disclosed:
Severity: Low
Weakness: UI Redressing (Clickjacking)

Reflected Cross-site Scripting Vulnerability via JSON Error Message
Reported by: cosmopolitan_fi | Disclosed:
Severity: Low
Weakness: Cross-site Scripting (XSS) - Reflected

Business Logic Flaw allowing Privilege Escalation
Reported by: zs75 | Disclosed:
Weakness: Business Logic Errors

Fake mailing reports using mail service on [URL : mail-txn.identity.com]
Reported by: namansahore | Disclosed:
Severity: Low

Privilege Escalation.
Reported by: leet-boy | Disclosed:
Severity: Low
Weakness: Privilege Escalation

Open redirect at app.goodhire.com via ReturnUrl parameter
Reported by: exception | Disclosed:
Severity: High

Malicious callback url can be set while creating application in identity
Reported by: csanuragjain | Disclosed:
Severity: Medium
Weakness: Business Logic Errors

No password confirmation on changing primary email address
Reported by: papa_hecker | Disclosed:
Weakness: Improper Access Control - Generic

Information Disclosure and Privilege Escalation in app.goodhire.com/member/developers/api-settings
Reported by: hackedbrain | Disclosed:
Severity: High
Weakness: Information Disclosure

Open Redirect through POST Request
Reported by: malcolmx | Disclosed:
Severity: Medium
Weakness: Open Redirect

XSS at https://app.goodhire.com/member/GH.aspx
Reported by: exception | Disclosed:
Severity: Medium

HTTP Host Header Injection on app.goodhire.com
Reported by: anonymousmian | Disclosed:
Weakness: HTTP Response Splitting

Privilege Escalation: Read-Only to Admin
Reported by: foobar7 | Disclosed:
Severity: High
Weakness: Privilege Escalation

Host Header Injection and Cache Poisoning
Reported by: kiddie | Disclosed:

Amount Manipulation Buy Unlimited Credits in just $1.00
Reported by: anonymousmian | Disclosed:
Weakness: Insecure Direct Object Reference (IDOR)

Goodhire Open Redirect
Reported by: protector47 | Disclosed:
Weakness: Open Redirect

XST(Cross Site Tracing)
Reported by: thalaivarsubu | Disclosed:

Page 1 of 2