Palo Alto Software - HackerOne Reports
View on HackerOne9
Total Reports
2
Critical
2
High
3
Medium
0
Low
IDOR on notes to HTML injection
Reported by:
ph-hitachi
|
Disclosed:
Medium
Weakness: Insecure Direct Object Reference (IDOR)
DNS Miconfiguration Leads to Subdomain Takeover - max1.liveplan.com
Reported by:
melbadry9
|
Disclosed:
High
Weakness: Privilege Escalation
IDOR on update user preferences
Reported by:
macasun
|
Disclosed:
Critical
Weakness: Insecure Direct Object Reference (IDOR)
Clickjacking
Reported by:
paramdham
|
Disclosed:
Subdomain takeover of www2.growasyouplan.com
Reported by:
ian
|
Disclosed:
Medium
Weakness: Externally Controlled Reference to a Resource in Another Sphere
Unauthorised access to pagespeed global admin at https://webtools.paloalto.com/
Reported by:
lordjerry0x01
|
Disclosed:
Weakness: Improper Access Control - Generic
[Bypass #870709] Unauthorised access to pagespeed global admin at https://webtools.paloalto.com/
Reported by:
silentkiller_
|
Disclosed:
Medium
Weakness: Improper Access Control - Generic
Stored XSS on upload files leads to steal cookie
Reported by:
homaa
|
Disclosed:
High
Weakness: Cross-site Scripting (XSS) - Stored
weak protection against brute-forcing on login api leads to account takeover
Reported by:
zer0code
|
Disclosed:
Critical
Weakness: Improper Restriction of Authentication Attempts