| 1150 | Saving more than 100,000 website from a Watering Hole attack |
Web cache poisoning
Watering hole attack |
HubSpot |
mohamad mahmoudi (@Lotus_619) |
Bug Bounty | 2022-08-31 | 2023-06-13 |
| 1137 | Caching the Un-cacheables - Abusing URL Parser Confusions (Web Cache Poisoning Technique) |
Web cache poisoning
XSS
DoS |
Glassdoor |
Harel (@h4r3l) |
Bug Bounty | 2022-09-02 | 2023-06-13 |
| 1052 | Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library |
Universal XSS
SSRF
Open redirect
Web cache poisoning |
Netlify
Gemini
PancakeSwap
Docusign
Moonpay
Celo |
Sam Curry (@samwcyo) |
Bug Bounty | 2022-09-21 | 2023-06-13 |
| 1014 | Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) |
Web cache poisoning |
Akamai
Paypal
Airbnb
Tesla
Valve
Zomato
Whitejar
Starbucks
PlayStation
Marriott
Hyatt Hotels
Goldman Sachs
Microsoft
Apple
LastPass
Brussels Airlines
Mastercard
eToro BBP
BMW Group
Rockstar Games |
Francesco Mariani (@_medusa_1_) |
Bug Bounty | 2022-09-29 | 2023-06-13 |
| 628 | Web-Cache Poisoning $$$? Worth it? |
Web cache poisoning
XSS |
NA |
Yaseen Zubair |
Bug Bounty | 2023-01-02 | 2023-06-13 |
| 523 | How i hacked all Zendesk sites 265,000 site by one line |
Web cache poisoning |
Zendesk |
Ahmed Salah Abdalhfaz (@Elsfa7-110) |
Bug Bounty | 2023-01-30 | 2023-06-13 |
| 358 | Web Cache Poisoning - Capability to disable/deface the app.██████████.com (A tale of poisoning through the layers of caching) |
Web cache poisoning |
NA |
Ankit Singh (@AnkitCuriosity) |
Bug Bounty | 2023-03-03 | 2023-06-13 |
