1005 | CSRF Attack — 0 click account delete - 1st write-up | CSRF, HTML injection | NA | Deepak (@bug_vs_me) | Bug Bounty | 2022-10-03 | 2023-06-13 |
955 | Story about Escalation of HTML Injection to EC2 Instance credentials leak | SSRF, HTML injection | NA | Harsh Tandel (@H4r5h_T4nd37) | Bug Bounty | 2022-10-14 | 2023-06-13 |
876 | Improper Access Control — My Third Finding on Hackerone! | HTML injection, Broken Access Control | NA | mehedishakeel (@mehedishakeel) | Bug Bounty | 2022-11-02 | 2023-06-13 |
826 | Stealing passwords from infosec Mastodon - without bypassing CSP | HTML injection | Mastodon, infosec.exchange | Gareth Heyes (@garethheyes) | Bug Bounty | 2022-11-15 | 2023-06-13 |
778 | Able to Mass-change profile section leads to my first $BOUNTY$ | HTML injection, IDOR, CSRF | NA | SYRINE | Bug Bounty | 2022-11-25 | 2023-06-13 |
686 | Param Hunting to Injections | HTML injection, XSS | NA | 302 Found | Bug Bounty | 2022-12-16 | 2023-06-13 |
500 | Play with Google, Twitter, Apple, Dell | XSS, HTML injection, IDOR, Information disclosure | Google, Twitter, Apple, Dell | rezaduty (@rezaduty) | Bug Bounty | 2023-02-03 | 2023-06-13 |
448 | I Got United Nation’s Hall Of Fame With This Simple Technique! | HTML injection | United Nations | Faiyaz Ahmad | Bug Bounty | 2023-02-15 | 2023-06-13 |
427 | Escaping misconfigured VSCode extensions | Path traversal, DNS rebinding, XSS, HTML injection, Webview, CSP bypass | Microsoft (SARIF viewer & Live Preview) | Vasco Franco | Bug Bounty | 2023-02-21 | 2023-06-13 |
420 | Exploiting an HTML injection with dangling markup | HTML injection, Dangling Markup Injection | NA | Yoan Montoya | Bug Bounty | 2023-02-21 | 2023-06-13 |
373 | Exfiltrating AWS Credentials via PDF Rendering of Unsanitized Input | SSRF, HTML injection, XSS | NA | Cristi Vlad (@CristiVlad25) | Bug Bounty | 2023-03-01 | 2023-06-13 |
76 | Stored Iframe Injection & Permanent Open Redirection - Zero Day | HTML injection, Open redirect | Discourse | Jerry Shah (@Jerry) | Bug Bounty | 2023-05-18 | 2023-06-13 |