readme.md

Title

Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/

URL

https://hackerone.com/reports/861521

Severity score

null

Reporter

mayurudiniya

Bounty paid

$50

---

Title

Отправка писем с произвольным текстом/кликабельными ссылками любому зарегистрированному пользователю с указанной почтой, зная только steamid

URL

https://hackerone.com/reports/993711

Severity score

9.7

Reporter

libneko

Bounty paid

$2,000

---

Title

Rack parses encoded cookie names allowing an attacker to send malicious __Host- and __Secure- prefixed cookies

URL

https://hackerone.com/reports/895727

Severity score

null

Reporter

fletchto99

Bounty paid

null

---

Title

Session cookie without secure flag on https://underwriter.partner.cuvva.com

URL

https://hackerone.com/reports/236533

Severity score

null

Reporter

amaljacob7531

Bounty paid

null

---

Title

[REMOTE] Full Account Takeover At https://██████████████/CAS/

URL

https://hackerone.com/reports/215859

Severity score

null

Reporter

karimrahal

Bounty paid

null

---

Title

Chat exposed using cookie

URL

https://hackerone.com/reports/279070

Severity score

null

Reporter

sahore

Bounty paid

null

---

Title

Reset password cookie leads to account takeover

URL

https://hackerone.com/reports/1004536

Severity score

6.3

Reporter

seqrity

Bounty paid

null

---