| 2459 | Stored XSS via Invite leading to Mass Account Takeover at Opera. |
Stored XSS |
Opera |
Samrat Gupta (@Sm4rty_) |
Bug Bounty | 2021-06-20 | 2023-06-13 |
| 2451 | A supply-chain breach: Taking over an Atlassian account |
XSS
CSRF |
Atlassian |
Dikla Barda, Yaara Shriki |
Bug Bounty | 2021-06-24 | 2023-06-13 |
| 2444 | Escalating XSS to Arbitrary File Read |
XSS
LFI |
NA |
Pethuraj (@Pethuraj) |
Bug Bounty | 2021-06-27 | 2023-06-13 |
| 2436 | Finding DOM Polyglot XSS in PayPal the Easy Way |
DOM XSS
CSP bypass |
Paypal |
Gareth Heyes (@garethheyes) |
Bug Bounty | 2021-06-30 | 2023-06-13 |
| 2432 | Blind XSS in Apple School- Enrollment Data Disclosure |
Blind XSS |
Apple |
hackrzvijay (@hackrzvijay) |
Bug Bounty | 2021-07-05 | 2023-06-13 |
| 2431 | Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604) |
XSS |
SolarWinds |
Victor Kahan |
Bug Bounty | 2021-07-06 | 2023-06-13 |
| 2421 | Reflected XSS Through Insecure Dynamic Loading |
XSS |
NA |
Greg Gibson |
Bug Bounty | 2021-07-11 | 2023-06-13 |
| 2412 | ($380) XSS STORED in Bigo Bug Bounty Program |
XSS |
Bigo |
Aidil Arief |
Bug Bounty | 2021-07-14 | 2023-06-13 |
| 2409 | Stored XSS in Google Doubleclick Studio [Google Research Grant] |
Stored XSS |
Google |
Jasminder Pal Singh (@Singh_Jasminder) |
Bug Bounty | 2021-07-14 | 2023-06-13 |
| 2407 | How i was able to bypass Cloudflare for XSS! |
XSS |
NA |
hosein vita (@HoseinVita) |
Bug Bounty | 2021-07-16 | 2023-06-13 |
| 2400 | How I Bypassed a tough WAF to steal user cookies using XSS! |
XSS
WAF bypass |
NA |
Asem Eleraky (@melotover) |
Bug Bounty | 2021-07-19 | 2023-06-13 |
| 2396 | XSS-Through-Fuzzing-Default-IIS |
Reflected XSS |
NA |
0xdln (@0xdln) |
Bug Bounty | 2021-07-20 | 2023-06-13 |
| 2394 | Escalating Self-XSS To Stored XSS via Image injection + IDOR |
Self-XSS
Stored XSS
IDOR |
NA |
Demon (@R29k_) |
Bug Bounty | 2021-07-21 | 2023-06-13 |
| 2389 | How I Found Multiple Bugs On FaceBook In 1 Month And a Part For My Methodology & Tools |
SSTI
SQL injection
Authentication bypass
Privilege escalation
Reflected XSS |
Meta / Facebook |
Orwa Atyat (@GodfatherOrwa) |
Bug Bounty | 2021-07-23 | 2023-06-13 |
| 2388 | eBay XSS demo and guide to spear phishing |
XSS |
Ebay |
MLT (@0dayWizard) |
Bug Bounty | 2021-07-25 | 2023-06-13 |
| 2386 | How I found a bug in Apple within just in 5min. |
XSS |
Apple |
Akash basnet (@noneofyou007) |
Bug Bounty | 2021-07-25 | 2023-06-13 |
| 2383 | Mattermost Server v5.32 > v5.36 Reflected XSS in OAuth flow |
Reflected XSS
OAuth |
Mattermost |
zi0Black (@zi0Black) |
Bug Bounty | 2021-07-26 | 2023-06-13 |
| 2377 | XSS-Special-Cases: XSS That Works only in mobile Devices |
XSS |
NA |
0xdln (@0xdln) |
Bug Bounty | 2021-07-27 | 2023-06-13 |
| 2373 | Chaining Open Redirect with XSS to Account Takeover |
Open redirect
XSS
Account takeover |
NA |
Radian ID |
Bug Bounty | 2021-07-29 | 2023-06-13 |
| 2368 | Account takeover via stored xss |
Stored XSS |
NA |
vikram naidu (@ImVikram7msd) |
Bug Bounty | 2021-07-30 | 2023-06-13 |
| 2365 | How I bypassed website using Akamai waf |
XSS |
NA |
Yusif Cəfərov (@yusifceferov_) |
Bug Bounty | 2021-07-31 | 2023-06-13 |
| 2364 | How I escalate my Self-Stored XSS to Account Takeover with the help of IDOR |
Self-XSS
IDOR
Account takeover |
HackerEarth |
Jefferson Gonzales (@gonzxph) |
Bug Bounty | 2021-07-31 | 2023-06-13 |
| 2359 | Multi Domain DOM Cross Site Scripting |
DOM XSS |
NA |
Sam Paredes (@caffeinevulns) |
Bug Bounty | 2021-08-01 | 2023-06-13 |
| 2356 | Tale of XSS in Angular |
Reflected XSS |
NA |
Sicksec (@OriginalSicksec) |
Bug Bounty | 2021-08-02 | 2023-06-13 |
| 2348 | PostMessage Xss vulnerability on private program |
XSS
postMessage |
NA |
Youghourta Ghannei (@YoughartaG) |
Bug Bounty | 2021-08-03 | 2023-06-13 |
