| 3652 | Reflected XSS In AT&T |
Reflected XSS |
AT&T |
Myo Min Thu (@myominthu1337) |
Bug Bounty | 2020-02-23 | 2023-06-13 |
| 3602 | Using Vulnerability Analytics Feature Like a Boss |
SSRF
Reflected XSS
Authentication bypass |
NA |
Ozgur Alp (@ozgur_bbh) |
Bug Bounty | 2020-03-15 | 2023-06-13 |
| 3597 | Where is my Train : Tracking to Hacking ! |
Reflected XSS
SQL injection |
Google |
Anil Tom (mr_4nk) |
Bug Bounty | 2020-03-17 | 2023-06-13 |
| 3594 | Reflected XSS on microsoft.com subdomains |
Reflected XSS |
Microsoft |
Raimonds Liepins (@lv_linkers) |
Bug Bounty | 2020-03-19 | 2023-06-13 |
| 3570 | $3133.7 Google Bug Bounty Writeup- XSS Vulnerability! |
Reflected XSS |
Google |
Pethuraj (@Pethuraj) |
Bug Bounty | 2020-04-01 | 2023-06-13 |
| 3523 | Bitrix WAF bypass |
Reflected XSS |
Mail.ru |
Roma Ramazanoff (@r0hack) |
Bug Bounty | 2020-04-27 | 2023-06-13 |
| 3507 | Reflected XSS on Microsoft.com via Angular Js template injection |
CSTI
XSS |
Microsoft |
Pratik Dabhi (@impratikdabhi) |
Bug Bounty | 2020-05-02 | 2023-06-13 |
| 3455 | Bug Hunting Stories: Schneider Electric & The Andover Continuum Web.Client |
XXE
Reflected XSS |
Uber |
Niv Levy (@restr1ct3d) |
Bug Bounty | 2020-05-27 | 2023-06-13 |
| 3438 | Cross-site scripting: The power of the hidden parameters. |
Reflected XSS |
Sony |
Kassih Mouhssine (@KassihMouhssine) |
Bug Bounty | 2020-05-30 | 2023-06-13 |
| 3431 | Information disclosure and reflected XSS on Tokopedia |
Reflected XSS
Information disclosure |
Tokopedia |
wis4nggeni |
Bug Bounty | 2020-06-01 | 2023-06-13 |
| 3429 | Double URL-encoded XSS |
Reflected XSS |
NA |
vict0ni (@vict0ni) |
Bug Bounty | 2020-06-02 | 2023-06-13 |
| 3426 | From CRLF to Account Takeover |
CRLF injection
HTTP response splitting
Reflected XSS
Account takeover |
NA |
Valeriy Shevchenko (@Krevetk0Valeriy) |
Bug Bounty | 2020-06-03 | 2023-06-13 |
| 3415 | XSS to Database Credential Leakage & Database Access — Story of total luck! |
Reflected XSS
Information disclosure |
NA |
Harsh Bothra (@harshbothra_) |
Bug Bounty | 2020-06-06 | 2023-06-13 |
| 3389 | Reflected User Input == XSS! |
Reflected XSS |
NA |
Silent Bronco (@silentbronco) |
Bug Bounty | 2020-06-15 | 2023-06-13 |
| 3384 | How I made more than $30K with Jolokia CVEs |
Reflected XSS
RCE
Information disclosure |
NA |
Patrik Fehrenbach (@ITSecurityguard) |
Bug Bounty | 2020-06-16 | 2023-06-13 |
| 3374 | Simple story of some complicated XSS on Facebook |
Reflected XSS |
Meta / Facebook |
Bipin Jitiya (@win3zz) |
Bug Bounty | 2020-06-21 | 2023-06-13 |
| 3336 | BBC Bug Bounty Write-up | XSS Vulnerability |
Reflected XSS |
BBC |
Pethuraj (@Pethuraj) |
Bug Bounty | 2020-07-05 | 2023-06-13 |
| 3306 | Exploiting Imported Libraries to Bypass WAF |
Reflected XSS |
NA |
Greg Gibson |
Bug Bounty | 2020-07-14 | 2023-06-13 |
| 3253 | Look at what i found in Comodo |
Stored XSS
Reflected XSS |
Comodo |
Maor Dayan (@mord1234) |
Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3242 | Reflected XSS at fotoservice.hema.nl |
Reflected XSS
Open redirect |
Hema |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2020-08-06 | 2023-06-13 |
| 3238 | Reflected XSS in Facebook’s mirror websites |
Reflected XSS |
Meta / Facebook |
Sudhanshu Rajbhar (@sudhanshur705) |
Bug Bounty | 2020-08-08 | 2023-06-13 |
| 3174 | XSS that can pay your Bills :) |
Reflected XSS |
NA |
Smile Hacker (@_smile_hacker_) |
Bug Bounty | 2020-09-05 | 2023-06-13 |
| 3153 | Reflected XSS via a hidden parameter on Dutch Gov. website |
Reflected XSS |
Dutch Government |
Supras (@LdrTom) |
Bug Bounty | 2020-09-19 | 2023-06-13 |
| 3119 | Spend more time doing recon, you’ll find more BUGS. |
Reflected XSS
Information disclosure |
NA |
Vedant Tekale (@_justYnot) |
Bug Bounty | 2020-10-03 | 2023-06-13 |
| 3105 | CVE-2018–5230 | JIRA Cross Site Scripting |
Reflected XSS |
NA |
Paras Arora (@parasarora06) |
Bug Bounty | 2020-10-09 | 2023-06-13 |
