Lichess - HackerOne Reports
Total Reports: 9
Critical: 3
High: 1
Medium: 3
Low: 2

Server-Side Request Forgery (SSRF) via Game Export API
Reported by: oblivionsage | Disclosed:
Severity: Critical
Weakness: Server-Side Request Forgery (SSRF)

Path Traversal Vulnerability in Lila Project
Reported by: immm | Disclosed:
Severity: High
Weakness: Path Traversal: '.../...//'

Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts
Reported by: closec4ll | Disclosed:
Severity: Medium
Weakness: Improper Restriction of Authentication Attempts

Weak Rate Limiting Controls in the (LOGIN) page Expose System to Brute Force and DoS Attacks
Reported by: hajjaj- | Disclosed:
Severity: Critical

Unauthorized Blogs Creation
Reported by: albetisi | Disclosed:
Severity: Low
Weakness: Improper Access Control - Generic

ImageId Format Injection in Image Upload Endpoint
Reported by: oblivionsage | Disclosed:
Severity: Medium
Weakness: Improper Input Validation

Direct IP Access to Website
Reported by: ryomenshuvro | Disclosed:
Severity: Critical

CSRF at Network feature
Reported by: psfauzi | Disclosed:
Severity: Medium
Weakness: Cross-Site Request Forgery (CSRF)

Open Redirect Vulnerability in OAuth Flow Leading to Potential Phishing Attack
Reported by: delsec_ | Disclosed:
Severity: Low
Weakness: Open Redirect