| 4287 | Reflected XSS at https://photos.shopify.com |
Reflected XSS |
Shopify |
Ahamed Morad (@Modam3r5) |
Bug Bounty | 2019-02-21 | 2023-06-13 |
| 4285 | Swiss_E-Voting_Publications |
XSS
XXE
RCE
Missing authentication
Authentication flaw
Hardcoded credentials |
Swiss E-Voting |
setuid0 (@_setuid0_) |
Bug Bounty | 2019-02-21 | 2023-06-13 |
| 4277 | How I alert(1) in Azure DevOps |
XSS
CSP bypass |
Microsoft |
SpyD3r (@TarunkantG) |
Bug Bounty | 2019-02-26 | 2023-06-13 |
| 4276 | [Still work] Redirect Yahoo Subdomain XSS Reflected from americangreetings.com |
Reflected XSS |
Yahoo! / Verizon Media |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2019-02-26 | 2023-06-13 |
| 4271 | XSS in Edmodo within 5 Minute (My First Bug Bounty) |
Reflected XSS |
Edmodo |
Vala Keyur (@valakeyur) |
Bug Bounty | 2019-03-04 | 2023-06-13 |
| 4266 | 3 XSS in ProtonMail for iOS |
XSS |
Apple |
Vladimir Metnew (@vladimir_metnew) |
Bug Bounty | 2019-03-06 | 2023-06-13 |
| 4260 | Inserting malware into anyone’s Google Earth Projects Archive |
IDOR
XSS
Authorization flaw |
Google |
Thomas Orlita (@ThomasOrlita) |
Bug Bounty | 2019-03-10 | 2023-06-13 |
| 4256 | How I found Blind XSS Vulnerability in redacted.com |
Blind XSS |
NA |
ssid (@newp_th) |
Bug Bounty | 2019-03-12 | 2023-06-13 |
| 4255 | Hack Your Form-New vector for Blind XSS |
Blind XSS
Stored XSS |
NA |
Youssef A. Mohamed (@GeneralEG64) |
Bug Bounty | 2019-03-13 | 2023-06-13 |
| 4254 | My First Stored XSS on Edmodo.com |
Stored XSS |
Edmodo |
ZishanAdThandar (@ZishanAdThandar) |
Bug Bounty | 2019-03-13 | 2023-06-13 |
| 4253 | OLX Bug Bounty: Reflected XSS |
Reflected XSS |
OLX |
Mukhammad Akbar (@abaykandotcom) |
Bug Bounty | 2019-03-13 | 2023-06-13 |
| 4251 | Write up – $1,000 usd in 5 minutes, xss stored in outlook.com (ios browsers) |
Stored XSS |
Microsoft |
Omar Espino (@omespino) |
Bug Bounty | 2019-03-14 | 2023-06-13 |
| 4247 | Target Finds Cross-Site Scripting in Microsoft SharePoint |
XSS |
Microsoft |
Target |
Bug Bounty | 2019-03-15 | 2023-06-13 |
| 4244 | From http:// domain to res:// domain xss by using IE Adobe’s PDF ActiveX plugin |
DOM XSS |
Microsoft |
Heige (@80vul) |
Bug Bounty | 2019-03-19 | 2023-06-13 |
| 4239 | A real XSS in OLX Bug Bounty |
Reflected XSS |
OLX |
Paulo Choupina (@PauloChoupina) |
Bug Bounty | 2019-03-21 | 2023-06-13 |
| 4230 | How I was able to turn self xss into reflected xss |
Reflected XSS |
NA |
Hein Thant Zin (@H3Lowr) |
Bug Bounty | 2019-03-31 | 2023-06-13 |
| 4212 | Obtaining XSS Using Moodle Features and Minor Bugs |
Login CSRF
XSS |
Moodle |
Daniel Thatcher (@_danielthatcher) |
Bug Bounty | 2019-04-09 | 2023-06-13 |
| 4209 | Spokeo Bug bounty Experience |
XSS |
Spokeo |
Nur A Alam Dipu (@Dipu1A) |
Bug Bounty | 2019-04-10 | 2023-06-13 |
| 4208 | Multiple xss in *.skype.com |
XSS |
Microsoft |
Jayateertha Guruprasad (@JayateerthaG) |
Bug Bounty | 2019-04-10 | 2023-06-13 |
| 4199 | Just 5 minute to get my 2nd stored XSS on Edmodo.com |
Stored XSS |
Edmodo |
ZishanAdThandar (@ZishanAdThandar) |
Bug Bounty | 2019-04-15 | 2023-06-13 |
| 4187 | [XSS] Reflected XSS Bypass Filter |
Reflected XSS |
NA |
Mohamed Sayed (@FlEx0Geek) |
Bug Bounty | 2019-04-23 | 2023-06-13 |
| 4181 | CSRF Attack can lead to Stored XSS |
CSRF
Stored XSS |
NA |
Mohamed Sayed (@FlEx0Geek) |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4179 | Stealing local storage data through XSS |
Stored XSS
Account takeover |
NA |
Harshad Gaikwad (@h4rsh4d) |
Bug Bounty | 2019-04-25 | 2023-06-13 |
| 4169 | From Reflected XSS to Account Takeover — Showing XSS Impact |
Reflected XSS
Account takeover |
NA |
A Bug’z Life (@abugzlife1) |
Bug Bounty | 2019-04-30 | 2023-06-13 |
| 4165 | XSS attacks on Googlebot allow search index manipulation |
Logic flaw |
Google |
Tom Anthony (@TomAnthonySEO) |
Bug Bounty | 2019-05-01 | 2023-06-13 |
