Informatica - HackerOne Reports
68 Total Reports | 11 Critical | 34 High | 14 Medium | 7 Low

Html injection on ██████.informatica.com via search.html?q=1
Reported by: lu3ky-13 | Disclosed:
Severity: Medium
Weakness: Code Injection

login in to marketplace panel on enablement.informatica.com
Reported by: lu3ky-13 | Disclosed:
Severity: Medium
Weakness: Improper Authentication - Generic

Unrestricted file upload - cloudacademy.informatica.com
Reported by: 0ways | Disclosed:
Severity: Medium

Reflected Cross-Site Scripting/HTML Injection
Reported by: jak0_ | Disclosed:
Severity: Low
Weakness: Cross-site Scripting (XSS) - Reflected

Stored XSS via Discussion Title and Send as Email attribute in [marketplace.informatica.com]
Reported by: fillawful | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

[careers.informatica.com] XSS on "isJTN"
Reported by: huntertxt | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

[doc.rt.informaticacloud.com] Reflected XSS via Stack Trace
Reported by: bigbear_ | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Reflected

[doc.rt.informaticacloud.com] Arbitrary File Reading via Double URL Encode
Reported by: bigbear_ | Disclosed:
Severity: High
Weakness: Path Traversal

Reflected XSS
Reported by: panckazzz | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Generic

[network.informatica.com] The login form XSS via the referer value
Reported by: s_p_q_r | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

[marketplace.informatica.com] Profile stored XSS
Reported by: s_p_q_r | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

[oneclickdrsfdc-test.informatica.com] Tomcat Example Scripts Exposed Unauthenticated
Reported by: zephrfish | Disclosed:
Severity: Low
Weakness: Improper Authentication - Generic

[careers.informatica.com] Reflected Cross Site Scripting to XSS Shell Possible
Reported by: zephrfish | Disclosed:
Severity: High
Weakness: Command Injection - Generic

[careers.informatica.com] Cross Site Script Vulnerability on informatica
Reported by: gorkha | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

Stored XSS on Informatica University via transcript (informatica.csod.com)
Reported by: alfredsaonoy | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Generic

Cross-site Scripting (XSS) - DOM - iqcard.informatica.com
Reported by: rodntt | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - DOM

..; bypass leading to tomcat scripts [Unauthenticated]
Reported by: rodntt | Disclosed:
Severity: Medium
Weakness: Improper Access Control - Generic

CVE-2021-40870 in [███]
Reported by: fdeleite | Disclosed:
Severity: Critical
Weakness: Code Injection
CVEs: CVE-2021-40870

XXE through injection of a payload in the XMP metadata of a JPEG file
Reported by: moebius | Disclosed:
Severity: Critical
Weakness: XML External Entities (XXE)

[community.informatica.com] - CSRF in Private Messages allows to move user's messages to Trash
Reported by: artem | Disclosed:
Severity: High
Weakness: Cross-Site Request Forgery (CSRF)