Stellar.org - HackerOne Reports
Total Reports: 10 | Critical: 0 | High: 3 | Medium: 4 | Low: 0

xss
Reported by: vyshnav_nk | Disclosed:
Severity: High

It's possible to put SDX orderbook into invalid state and execute trades at arbitrary price
Reported by: nebolsin | Disclosed:
Severity: High
Weakness: Business Logic Errors

Bypassing Verify Humans Page
Reported by: suvrat7 | Disclosed:
Weakness: Improper Authentication - Generic

Exploitable vulnerability in SDEX
Reported by: orbitlens | Disclosed:
Severity: High
Weakness: Business Logic Errors

heap-buffer-overflow (READ of size 1) in cpptoml::parser::consume_whitespace()
Reported by: geeknik | Disclosed:
Weakness: Heap Overflow

Admin panel of https://www.stellar.org/wp-admin/
Reported by: hach3ro | Disclosed:
Severity: Medium
Weakness: Violation of Secure Design Principles

Session Cookie without HttpOnly and secure flag set
Reported by: k4yy1s | Disclosed:
Weakness: Violation of Secure Design Principles

Direct URL access to PDF files
Reported by: ramakanthk35 | Disclosed:
Severity: Medium
Weakness: Forced Browsing

brute force attack allowed on admin page https://www.stellar.org/wp-admin/
Reported by: abo-jehad | Disclosed:
Severity: Medium
Weakness: Improper Restriction of Authentication Attempts

HTTP - Basic Authentication on https://www.stellar.org/wp-login.php
Reported by: mrnull1337 | Disclosed:
Severity: Medium
Weakness: Violation of Secure Design Principles