| 4551 | Persistent XSS (Unvalidated oEmbed) at Medium.com |
Stored XSS |
Medium |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2018-10-04 | 2023-06-13 |
| 4544 | My First 0day Exploit (CSP Bypass + Reflected XSS) #BUGBOUNTY |
Reflected XSS
CSP bypass |
NA |
Ali Tütüncü(@alicanact60) |
Bug Bounty | 2018-10-07 | 2023-06-13 |
| 4543 | Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com |
Stored XSS |
LinkedIn |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2018-10-07 | 2023-06-13 |
| 4540 | DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More |
DOM XSS |
Tinder |
VPN Mentor (@vpnmentor) |
Bug Bounty | 2018-10-09 | 2023-06-13 |
| 4532 | Magic XSS with two parameters |
XSS |
NA |
Mahmood Shahabi (@m4shahab1) |
Bug Bounty | 2018-10-12 | 2023-06-13 |
| 4531 | [Bug bounty | mail.ru] Access to the admin panel of the partner site and data disclosure of 2 million users |
Authentication bypass
Blind XSS |
Mail.ru |
Max (@iSecMax) |
Bug Bounty | 2018-10-12 | 2023-06-13 |
| 4524 | XSS with PUT in Ghost Blog |
XSS |
Ghost |
Derek (@StackCrash) |
Bug Bounty | 2018-10-19 | 2023-06-13 |
| 4523 | A Story of mishandling the Chunked Data (CVE-2018-17082) |
XSS |
PHP |
Prashanth Varma (@cymtrick) |
Bug Bounty | 2018-10-20 | 2023-06-13 |
| 4520 | Cookie-based-injection XSS making exploitable with-out exploiting other Vulns |
XSS |
NA |
Utkarsh Agrawal (@agrawalsmart7) |
Bug Bounty | 2018-10-22 | 2023-06-13 |
| 4518 | XSS with HTML and how to convert the HTML into charcode() |
XSS |
Purinar Logistics |
Arif-ITSEC111 |
Bug Bounty | 2018-10-22 | 2023-06-13 |
| 4501 | Stored XSS in Bug Bounty |
Stored XSS |
NA |
KatsuragiCSL (@ZuuitterE) |
Bug Bounty | 2018-11-01 | 2023-06-13 |
| 4496 | How Outdated JIRA Instances suffers from multiple security vulnerabilities? |
XSS
SSRF |
Visma |
Yeasir Arafat |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4492 | Evernote For Windows Read Local File and Command Execute Vulnerabilities |
Stored XSS
LFI
RCE |
Evernote |
TongQing Zhu |
Bug Bounty | 2018-11-05 | 2023-06-13 |
| 4491 | XSS in Dynamics 365 |
XSS |
Microsoft |
Tim Kent (@__timk) |
Bug Bounty | 2018-11-06 | 2023-06-13 |
| 4483 | OLX Reflected XSS on Resend Code link !! |
Reflected XSS |
OLX |
Harshad Gaikwad (@h4rsh4d) |
Bug Bounty | 2018-11-12 | 2023-06-13 |
| 4482 | Chain exploitation of XSS |
DOM XSS
Clickjacking
CSRF |
NA |
Mikhail Klyuchnikov (@__Mn1__) |
Bug Bounty | 2018-11-12 | 2023-06-13 |
| 4480 | [DOM based XSS] Or why you should not rely on Cloudflare too much |
DOM XSS |
NA |
KatsuragiCSL (@ZuuitterE) |
Bug Bounty | 2018-11-13 | 2023-06-13 |
| 4476 | How I Discovered XSS that Affects around 20 Uber Subdomains |
XSS |
Uber |
Fady Othman (@Fady_Othman) |
Bug Bounty | 2018-11-14 | 2023-06-13 |
| 4471 | HackenProof Customer Story: Uklon |
XSS
IDOR
Blind XSS
Account takeover |
Uklon |
HackenProof (@hackenproof) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4470 | [POC] Cross-Site Scripting on Garuda Indonesia Website |
XSS |
Garuda Indonesia |
Arif-ITSEC111 |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4469 | XSS in hidden input fields |
XSS |
NA |
Gareth Heyes (@garethheyes) |
Bug Bounty | 2018-11-16 | 2023-06-13 |
| 4465 | Edmodo XSS Bug |
XSS |
Edmodo |
Sameer Phad (@sameerphad72) |
Bug Bounty | 2018-11-18 | 2023-06-13 |
| 4463 | XSS bypass using META tag in realestate.postnl.nl |
XSS |
post.nl |
Prial Islam Khan (@prial261) |
Bug Bounty | 2018-11-18 | 2023-06-13 |
| 4455 | Stored XSS Vulnerability in Jotform and H1C Private Site |
Stored XSS |
NA |
Anas Mahmood (@AnasIsHere) |
Bug Bounty | 2018-11-23 | 2023-06-13 |
| 4454 | My Journey To The Google Hall Of Fame |
Open redirect
XSS |
Google |
Abartan Dhakal (@imhaxormad) |
Bug Bounty | 2018-11-25 | 2023-06-13 |
