| 3534 | The Secret sauce of bug bounty |
CSTI
Stored XSS
CORS misconfiguration |
NA |
Mohamed Slamat (@oxxy37) |
Bug Bounty | 2020-04-22 | 2023-06-13 |
| 3514 | Researching Polymorphic Images for XSS on Google Scholar |
Stored XSS |
Google |
Lorenzo Stella (@lorenzostella) |
Bug Bounty | 2020-04-30 | 2023-06-13 |
| 3501 | Multiple XSS |
Stored XSS |
Google |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3500 | Stored XSS on biz.waze.com |
XSS |
Google (Waze) |
Rojan Rijal (@uraniumhacker) |
Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3482 | How I got my first swag on Edmodo with a simple XSS. |
Stored XSS |
Edmodo |
Sanjay Verdu (@codersanjay) |
Bug Bounty | 2020-05-16 | 2023-06-13 |
| 3476 | Stored XSS Leads to Plaintext Password Disclosure |
Stored XSS
Information disclosure
Unrestricted file upload |
NA |
bad5ect0r (@bad5ect0r) |
Bug Bounty | 2020-05-17 | 2023-06-13 |
| 3474 | Cors Blimey: The power of chaining CORS |
CORS misconfiguration
Stored XSS
CSRF |
NA |
Hazana (@hazanasec) |
Bug Bounty | 2020-05-17 | 2023-06-13 |
| 3458 | Story About OTP Bypass To Stored XSS |
OTP bypass
Stored XSS |
NA |
PJ Borah (@PJBorah1) |
Bug Bounty | 2020-05-23 | 2023-06-13 |
| 3453 | Stored XSS in Yahoo mail IOS app($3500) |
Stored XSS |
Yahoo! / Verizon Media |
kminthein / weev3 (@kyawminthein99) |
Bug Bounty | 2020-05-28 | 2023-06-13 |
| 3452 | Stored XSS in Microsoft outlook |
Stored XSS |
Microsoft |
kminthein / weev3 (@kyawminthein99) |
Bug Bounty | 2020-05-28 | 2023-06-13 |
| 3451 | iOS Outlook Stored XSS Write-Up($3000) |
XSS |
Microsoft |
kminthein / weev3 (@kyawminthein99) |
Bug Bounty | 2020-05-28 | 2023-06-13 |
| 3446 | XSS Stored On Messages In [ Outlook Web — Outlook Android App ] |
Stored XSS |
Microsoft |
ElMahdi Mrhassel (@ElMrhassel) |
Bug Bounty | 2020-05-28 | 2023-06-13 |
| 3382 | A subtle stored-XSS in WordPress core |
Stored XSS
RCE |
WordPress |
Sam Thomas (@_s_n_t) |
Bug Bounty | 2020-06-17 | 2023-06-13 |
| 3354 | Story of stealing mail conversation, contacts in mail.ru and myMail iOS applications via XSS |
Stored XSS |
Mail.ru |
kminthein / weev3 (@kyawminthein99) |
Bug Bounty | 2020-06-30 | 2023-06-13 |
| 3352 | Stored XSS with Password Recovery Page |
Stored XSS |
NA |
Lütfü Mert Ceylan (@lutfumertceylan) |
Bug Bounty | 2020-07-01 | 2023-06-13 |
| 3309 | Self stored xss to full account takeover |
XSS
Account takeover |
NA |
Jatin Aesthetic (@techyfreakk) |
Bug Bounty | 2020-07-12 | 2023-06-13 |
| 3253 | Look at what i found in Comodo |
Stored XSS
Reflected XSS |
Comodo |
Maor Dayan (@mord1234) |
Bug Bounty | 2020-08-03 | 2023-06-13 |
| 3244 | Stored XSS on Slack, Bug Bounty |
Stored XSS |
Slack |
Tommysuriel |
Bug Bounty | 2020-08-06 | 2023-06-13 |
| 3198 | (Shopify.com) Blind Stored XSS Via Staff Name $$$$ |
Stored XSS |
Shopify |
Rio Mulyadi (@riomulyadi_) |
Bug Bounty | 2020-08-19 | 2023-06-13 |
| 3197 | How I Found My First Bug Stored Xss and Earned My First Bounty 1000$ |
Stored XSS |
Badoo |
Nazmul Haque (@0xnazmul) |
Bug Bounty | 2020-08-21 | 2023-06-13 |
| 3184 | The Importance of keeping up to date, or how I found an interesting bug thanks to a tweet |
Stored XSS |
NA |
Vuk Ivanovic |
Bug Bounty | 2020-08-29 | 2023-06-13 |
| 3181 | Stop scratching the surface, and hack the dependencies |
Stored XSS |
NA |
Rotem Reiss (@rotem_reiss) |
Bug Bounty | 2020-08-31 | 2023-06-13 |
| 3145 | $25K Instagram Almost XSS Filter Link — Facebook Bug Bounty |
Stored XSS |
Meta / Facebook |
Andres Alonso (@al0nnso) |
Bug Bounty | 2020-09-20 | 2023-06-13 |
| 3027 | Microsoft Bug Bounty Writeup – Stored XSS Vulnerability |
Stored XSS |
Microsoft |
Pethuraj (@Pethuraj) |
Bug Bounty | 2020-11-15 | 2023-06-13 |
| 2983 | [CVE-2019-17674 & CVE-2020-11025] Stored XSS through navigation menu item edited in Customizer in Wordpress (Write Up) |
Stored XSS |
WordPress |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2020-12-06 | 2023-06-13 |
