| 4926 | Taking note: XSS to RCE in the Simplenote Electron client |
XSS
RCE |
Automattic |
Yasin Soliman (@SecurityYasin) |
Bug Bounty | 2017-11-22 | 2023-06-13 |
| 4920 | DEV XSS Protection bypass made my quickest bounty ever!! |
XSS |
NA |
Yeasir Arafat |
Bug Bounty | 2017-12-03 | 2023-06-13 |
| 4908 | Microsoft SharePoint%27s %27Follow%27 Feature XSS (CVE-2017–8514) -Adesh Kolte |
XSS |
Microsoft |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2017-12-21 | 2023-06-13 |
| 4907 | Jumping to the hell with 10 attempts to bypass devil%27s WAF |
XSS |
NA |
Ak1T4 (@akita_zen) |
Bug Bounty | 2017-12-27 | 2023-06-13 |
| 4897 | Chaining Bugs to Steal Yahoo Contacts! |
CORS misconfiguration
XSS |
Yahoo! / Verizon Media |
Corben Leo (@hacker_) |
Bug Bounty | 2018-01-11 | 2023-06-13 |
| 4892 | Reflected XSS via AngularJS Template Injection |
Reflected XSS
CSTI |
Hostinger |
Taha Ibrahim Draidia |
Bug Bounty | 2018-01-17 | 2023-06-13 |
| 4891 | $1800 in less than an hour. |
CSRF
XSS |
Indeed |
yappare (@yappare) |
Bug Bounty | 2018-01-17 | 2023-06-13 |
| 4885 | Asus Cross Site Scrpting And Directory Listing Vulnerability |
Directory listing
XSS |
Asus |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-01-23 | 2023-06-13 |
| 4883 | Reflected XSS + Possible Server Side Template Injection in HubSpot CMS ( All Websites Uses HubSpot was affected ) |
Reflected XSS |
HubSpot |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-01-24 | 2023-06-13 |
| 4877 | How I got 22000$ worth ethereum |
Blind XSS |
NA |
Shubham Gupta (@hackerspider1) |
Bug Bounty | 2018-01-26 | 2023-06-13 |
| 4876 | How I was able to Download Any file from Web server! |
XSS
IDOR |
NA |
hammadhassan924 |
Bug Bounty | 2018-01-27 | 2023-06-13 |
| 4874 | How I was able to Bypass XSS Protection on HackerOne’s Private Program |
XSS |
NA |
Jay Jani (@JayJani007) |
Bug Bounty | 2018-02-02 | 2023-06-13 |
| 4863 | Stored XSS on Snapchat |
Stored XSS |
Snapchat |
Mrityunjoy (@mitunjoy11) |
Bug Bounty | 2018-02-09 | 2023-06-13 |
| 4862 | Oracle Cross Site Scripting Vulnerability -Adesh Kolte |
Reflected XSS |
Oracle |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-02-10 | 2023-06-13 |
| 4856 | Exploiting CORS Miss configuration using XSS |
CORS misconfiguration |
NA |
Noman Shaikh (@nomanali181) |
Bug Bounty | 2018-02-18 | 2023-06-13 |
| 4843 | How I found A Surprising XSS Vulnerability on Oracle NetSuite ? |
XSS |
Oracle |
Circle Ninja (@circleninja) |
Bug Bounty | 2018-03-02 | 2023-06-13 |
| 4839 | Stored XSS, and SSRF in Google using the Dataset Publishing Language |
Stored XSS
SSRF |
Google |
Craig Arendt (@signalchaos) |
Bug Bounty | 2018-03-07 | 2023-06-13 |
| 4831 | Google adwords 3133.7$ Stored XSS |
Stored XSS |
Google |
Emad Shanab (@Alra3ees) |
Bug Bounty | 2018-03-21 | 2023-06-13 |
| 4827 | Reflected XSS Moogaloop SWF ( Version < 6.2.x ) |
Flash XSS
Reflected XSS |
Vimeo |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-03-26 | 2023-06-13 |
| 4823 | How I hacked one cryptocurrency service |
Blind XSS
Reflected XSS
CSRF |
PayKassa |
Valeriy Shevchenko (@Krevetk0Valeriy) |
Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4822 | XSS In sports.tw.campaign.yahoo.net |
Reflected XSS |
Yahoo! / Verizon Media |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4821 | XSS in Yahoo Subdomain |
Flash XSS |
Yahoo! / Verizon Media |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-03-31 | 2023-06-13 |
| 4818 | Beyond XSS: Edge Side Include Injection |
ESI injection
SSRF
XSS |
Squid
Varnish |
Louis Dion-Marcil (@ldionmarcil) |
Bug Bounty | 2018-04-03 | 2023-06-13 |
| 4817 | How I caught Multiple vulnerabilities in Udemy.com, But not rewarded for serious XSS vulnerability :( |
XSS
HTML injection |
Udemy |
Satyendra Shrivastava |
Bug Bounty | 2018-04-05 | 2023-06-13 |
| 4814 | “Exploiting a Single Parameter” |
SSRF
XSS |
NA |
Hisham Mir (@Hishammir1) |
Bug Bounty | 2018-04-06 | 2023-06-13 |
