Quantopian - HackerOne Reports
Total Reports: 4
Critical: 0
High: 1
Medium: 1
Low: 1
Cross-site scripting via hardcoded front-end watched expression.
Reported by: irisrumtub | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Generic
Bounty: $1225.00
Cross-site scripting on algorithm collaborator
Reported by: irisrumtub | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $2100.00
Ability to perform various POST requests on quantopian.com as a different user - insecure by design.
Reported by: irisrumtub | Disclosed:
Severity: Low
Weakness: Violation of Secure Design Principles
Bounty: $1050.00
Stored cross-site scripting in dataset owner.
Reported by: irisrumtub | Disclosed:
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $1925.00