Infogram - HackerOne Reports
Total Reports: 48
Critical: 1
High: 5
Medium: 20
Low: 14
User account blocking by Internal Server error
Reported by: marataziat | Disclosed:
High
Persistent XSS in share button
Reported by: muon4 | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored
Weak Password Policy on Signup
Reported by: mr_r3boot | Disclosed:
Low
Weakness: Violation of Secure Design Principles
Incorrect Functionality of Password reset links
Reported by: saikiran-10099 | Disclosed:
Low
Weakness: Violation of Secure Design Principles
CORS on (ws.infogram.com)
Reported by: real_loser | Disclosed:
Low
Weakness: Improper Access Control - Generic
Stored Cross-Site scripting in the infographics using links
Reported by: sp1d3rs | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored
Stored Cross-Site scripting in the infographics using Data Objects links
Reported by: sp1d3rs | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored
Tabnabbing via window.opener
Reported by: mr_r3boot | Disclosed:
Low
Weakness: Violation of Secure Design Principles
Email notification is not being sent while changing passwords
Reported by: saikiran-10099 | Disclosed:
Low
Weakness: Violation of Secure Design Principles
No Rate limit on Password Reset Function
Reported by: akaash_pantherdefence | Disclosed:
Medium
Weakness: Improper Authentication - Generic
No Rate Limit on account deletion request(Leads to huge email flooding/email bombing)
Reported by: saikiran-10099 | Disclosed:
Low
Weakness: Violation of Secure Design Principles
SPF Misconfiguration
Reported by: mr_r3boot | Disclosed:
Low
Weakness: Violation of Secure Design Principles
User Enumeration
Reported by: saikiran-10098 | Disclosed:
Low
Weakness: Information Disclosure
Stored XSS in infogram.com via language
Reported by: theappsec | Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Stored
XSS on infogram.com
Reported by: mondhers | Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Stored
Multiple xss on infogram templates
Reported by: mondhers | Disclosed:
Weakness: Cross-site Scripting (XSS) - Stored
Login Cross Site Request Forgery
Reported by: bluedangerforyou | Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
Password Reset Token Not Expired
Reported by: geekninja | Disclosed:
High
Weakness: Weak Password Recovery Mechanism for Forgotten Password
XSS when Shared
Reported by: haystack_needle | Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Reflected
No Email Verification
Reported by: asad_anwar | Disclosed:
Medium
Weakness: Improper Certificate Validation
Page 1 of 3