RBKmoney - HackerOne Reports
View on HackerOne7
Total Reports
0
Critical
2
High
2
Medium
1
Low
Apple Pay cryptogram replay and amount tampering
Reported by:
timyun
|
Disclosed:
High
Weakness: Cryptographic Issues - Generic
IDOR in merchant.rbmonkey.com allows deleting eShops of another user
Reported by:
rijalrojan
|
Disclosed:
High
Information Disclosure - Composer.lock
Reported by:
bhenner__
|
Disclosed:
Weakness: Information Disclosure
SUBDOMAIN TAKEOVER [http://dev.rbk.money/]
Reported by:
n00bsec
|
Disclosed:
Medium
Weakness: Violation of Secure Design Principles
Text manipulation in https://checkout.rbk.money
Reported by:
arifkhan
|
Disclosed:
Weakness: Code Injection
DOM-based Cross-Site Scripting in redirect url checkout
Reported by:
spipm
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - DOM
Open Redirection on auth.rbk.money
Reported by:
abartan
|
Disclosed:
Low
Weakness: Open Redirect