Lyst - HackerOne Reports
View on HackerOne9
Total Reports
0
Critical
1
High
3
Medium
4
Low
[https://█████████/]&&[https://█████████/] Open Redirection
Reported by:
mandark
|
Disclosed:
Medium
Weakness: Open Redirect
Bypassing one-time checkout router page (revealing payment information)
Reported by:
tolo7010
|
Disclosed:
Low
Weakness: Information Disclosure
Web Cache poisoning attack leads to User information Disclosure and more
Reported by:
deksterh11
|
Disclosed:
Medium
Weakness: Violation of Secure Design Principles
Subdomain takeover of storybook.lystit.com
Reported by:
parzel
|
Disclosed:
High
Weakness: Privilege Escalation
Bounty: $1000.00
Mixed Active content issue on https://www.lyst.com
Reported by:
mrnull1337
|
Disclosed:
Low
Weakness: Violation of Secure Design Principles
DOM XSS on http://talks.lystit.com
Reported by:
gamer7112
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - DOM
Bounty: $100.00
Site configured improperly at subdomain of lyst.co.uk
Reported by:
mr_edwards
|
Disclosed:
Weakness: Violation of Secure Design Principles
Bounty: $100.00
CSRF - Adding unlimited number of saved items via GET request
Reported by:
inhibitor181
|
Disclosed:
Medium
Weakness: Cross-Site Request Forgery (CSRF)
Bounty: $150.00
SSRF at iris.lystit.com
Reported by:
tripwire
|
Disclosed:
Low
Weakness: Server-Side Request Forgery (SSRF)