Vimeo - HackerOne Reports
View on HackerOne24
Total Reports
1
Critical
4
High
1
Medium
0
Low
XSS on vimeo.com/home after other user follows you
Reported by:
stefanovettorazzi
|
Disclosed:
Weakness: Cross-site Scripting (XSS) - Generic
SSRF leaking internal google cloud data through upload function [SSH Keys, etc..]
Reported by:
dphoeniixx
|
Disclosed:
Critical
Weakness: Server-Side Request Forgery (SSRF)
Invite any user to your group without even following him
Reported by:
indoappsec
|
Disclosed:
Weakness: Privilege Escalation
URGENT - Subdomain Takeover on status.vimeo.com due to unclaimed domain pointing to statuspage.io
Reported by:
avlidienbrunn
|
Disclosed:
Weakness: Cross-Site Request Forgery (CSRF)
Previous
Page 2 of 2