| 3590 | The Ticklish XSS |
XSS |
NA |
Adnan Malik (@adnanmalikinfo) |
Bug Bounty | 2020-03-23 | 2023-06-13 |
| 3589 | Self XSS to Account Takeover |
Account takeover
XSS
CSRF |
NA |
Ch3ckM4te |
Bug Bounty | 2020-03-24 | 2023-06-13 |
| 3587 | XSS WAF & Character limitation bypass like a boss |
XSS |
NA |
Prial Islam Khan (@prial261) |
Bug Bounty | 2020-03-25 | 2023-06-13 |
| 3586 | Pentesting Cisco SD-WAN Part 1: Attacking vManage |
Cypher injection
Stored XSS |
Cisco |
Julien Legras (@Julien_Legras) |
Bug Bounty | 2020-03-25 | 2023-06-13 |
| 3579 | Executing scripts in Safari Reader Mode to CSP Bypass |
XSS
CSP bypass |
Apple |
Nikhil Mittal (@c0d3G33k) |
Bug Bounty | 2020-03-28 | 2023-06-13 |
| 3576 | CVE-2019-17004—Semi Universal XSS affecting Firefox for iOS |
Universal XSS |
Mozilla
Brave Software |
cliqz (@cliqz) |
Bug Bounty | 2020-03-30 | 2023-06-13 |
| 3570 | $3133.7 Google Bug Bounty Writeup- XSS Vulnerability! |
Reflected XSS |
Google |
Pethuraj (@Pethuraj) |
Bug Bounty | 2020-04-01 | 2023-06-13 |
| 3566 | Always escalate! From Self-XSS to Persistent XSS on Login Portal |
Self-XSS
CSRF |
NA |
Phuriphat Boontanon (@zanezenzane) |
Bug Bounty | 2020-04-02 | 2023-06-13 |
| 3556 | Stored XSS in Google Nest |
Stored XSS |
Google |
Harikrishnan Chandraganesan (@hari_cybex) |
Bug Bounty | 2020-04-07 | 2023-06-13 |
| 3548 | Netflix Party — XSS Vulnerabilities |
XSS |
Netflix |
kr-b (@pirxcy) |
Bug Bounty | 2020-04-14 | 2023-06-13 |
| 3540 | CSRF to RCE bug chain in Prestashop v1.7.6.4 and below |
RCE
CSRF
Stored XSS
Unrestricted file upload |
PrestaShop |
Sivanesh Ashok (@sivaneshashok) |
Bug Bounty | 2020-04-18 | 2023-06-13 |
| 3534 | The Secret sauce of bug bounty |
CSTI
Stored XSS
CORS misconfiguration |
NA |
Mohamed Slamat (@oxxy37) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3533 | From P5 to P2, from nothing to 1000+$ |
Race condition
Self-XSS
Blind XSS |
NA |
Mohamed Daher (@DaherMohamed4) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3526 | XSS in Peerio 2 Windows Application (Write Up) |
XSS |
Peerio |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2020-04-24 | 2023-06-13 |
| 3525 | Fun With CORS Misconfiguration — II |
CORS misconfiguration
XSS |
NA |
Aman Gupta (@gupt4j1) |
Bug Bounty | 2020-04-25 | 2023-06-13 |
| 3523 | Bitrix WAF bypass |
Reflected XSS |
Mail.ru |
Roma Ramazanoff (@r0hack) |
Bug Bounty | 2020-04-27 | 2023-06-13 |
| 3518 | Indirect UXSS issue on a private Android target app |
Universal XSS |
NA |
Kunal pandey (@kunalp94) |
Bug Bounty | 2020-04-29 | 2023-06-13 |
| 3514 | Researching Polymorphic Images for XSS on Google Scholar |
Stored XSS |
Google |
Lorenzo Stella (@lorenzostella) |
Bug Bounty | 2020-04-30 | 2023-06-13 |
| 3507 | Reflected XSS on Microsoft.com via Angular Js template injection |
CSTI
XSS |
Microsoft |
Pratik Dabhi (@impratikdabhi) |
Bug Bounty | 2020-05-02 | 2023-06-13 |
| 3504 | DOM XSS in Gmail with a little help from Chrome |
DOM XSS |
Google |
Enguerran Gillier (@opnsec) |
Bug Bounty | 2020-05-03 | 2023-06-13 |
| 3502 | G Suite - Device Management XSS |
XSS |
Google |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3501 | Multiple XSS |
Stored XSS |
Google |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3500 | Stored XSS on biz.waze.com |
XSS |
Google (Waze) |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3498 | Google Acquisition XSS (Apigee) |
XSS |
Google |
TnMch (@TnMch_) |
Bug Bounty | 2020-05-06 | 2023-06-13 |
| 3497 | DOM XSS Walkthrough |
DOM XSS |
NA |
Youssef Lahouifi (@YLahouifi) |
Bug Bounty | 2020-05-06 | 2023-06-13 |
