Urban Dictionary - HackerOne Reports
View on HackerOne12
Total Reports
0
Critical
1
High
4
Medium
3
Low
Domain does not Match SSL Certificate
Reported by:
kittiesscript
|
Disclosed:
Weakness: Man-in-the-Middle
Race condition in up voting and down voting
Reported by:
flashdisk
|
Disclosed:
Low
Weakness: Violation of Secure Design Principles
Race Condition in Definition Votes
Reported by:
cablej
|
Disclosed:
Bypass voting restriction due to HTTP Header Injection
Reported by:
schirgel
|
Disclosed:
Medium
Text injection on Auth problem at urbandictionary.com
Reported by:
ak1t4
|
Disclosed:
Weakness: Violation of Secure Design Principles
Stored XSS on urbandictionary.com
Reported by:
flex0geek
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored
Session replay vulnerability in www.urbandictionary.com
Reported by:
tcpiplab
|
Disclosed:
High
Weakness: Insufficient Session Expiration
Users able to set video url for unpublished words and able to see the name of unpublished words
Reported by:
d3f4u17
|
Disclosed:
Low
Weakness: Information Disclosure
Source Code Disclosure
Reported by:
linkks
|
Disclosed:
Weakness: Information Disclosure
See details of a unpublished word by guessing the word ID
Reported by:
tyagiji
|
Disclosed:
Low
Weakness: Information Disclosure
DOM XSS through ads
Reported by:
bemodtwz
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - DOM
CSRF to Reflected XSS at echo.urbandictionary.biz via spoofing content type
Reported by:
osama-hamad
|
Disclosed:
Medium
Weakness: Cross-site Scripting (XSS) - Stored