| 4735 | How I found XSS via SSRF vulnerability -Adesh Kolte |
SSRF
XSS |
CERT-EU
Motorola
Stanford |
Adesh Nandkishor kolte (@AdeshKolte) |
Bug Bounty | 2018-06-07 | 2023-06-13 |
| 4733 | Steam, Fire, and Paste – A Story of UXSS via DOM-XSS & Clickjacking in Steam Inventory Helper |
DOM XSS
Universal XSS
Clickjacking
Browser extension hacking |
NA |
Matthew Bryant (@IAmMandatory) |
Bug Bounty | 2018-06-08 | 2023-06-13 |
| 4727 | Vulnerability Netflix (cross-site-scripting) XSS |
Reflected XSS |
Netflix |
Bada Diaz (@bada77) |
Bug Bounty | 2018-06-13 | 2023-06-13 |
| 4725 | The 2.5 BTC Stored XSS |
Stored XSS |
NA |
Khaled Hassan |
Bug Bounty | 2018-06-13 | 2023-06-13 |
| 4724 | Reflected XSS in 360totalsecurity |
Reflected XSS |
360totalsecurity |
Taha Smily (@tahakhantaha) |
Bug Bounty | 2018-06-14 | 2023-06-13 |
| 4723 | Reflected Client XSS at Amazon.com |
Reflected XSS |
Amazon |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2018-06-15 | 2023-06-13 |
| 4722 | How i found blind XSS in Apple |
Blind XSS |
Apple |
Taha Smily (@tahakhantaha) |
Bug Bounty | 2018-06-18 | 2023-06-13 |
| 4716 | XSS in Google Colaboratory + CSP bypass |
XSS
CSP bypass |
Google |
Michał Bentkowski (@SecurityMB) |
Bug Bounty | 2018-06-21 | 2023-06-13 |
| 4714 | Fastest Fix on Open Bug Bounty Platform |
Reflected XSS
CSRF |
Kevag Telekom GmbH |
Wen Bin KONG (@kongwenbin) |
Bug Bounty | 2018-06-24 | 2023-06-13 |
| 4709 | Take Advantage of Out-of-Scope Domains in Bug Bounty Programs |
XSS |
NA |
Abdullah Hussam (@Abdulahhusam) |
Bug Bounty | 2018-06-27 | 2023-06-13 |
| 4704 | The $12,000 Intersection between Clickjacking, XSS, and Denial of Service |
Clickjacking
XSS
DoS |
Bustabit |
Sam Curry (@samwcyo) |
Bug Bounty | 2018-07-04 | 2023-06-13 |
| 4698 | Persistent XSS at AH.nl |
Stored XSS |
AH.nl |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2018-07-09 | 2023-06-13 |
| 4696 | XSS in Microsoft subdomain |
XSS |
Microsoft |
Sudhanshu Rajbhar (@sudhanshur705) |
Bug Bounty | 2018-07-13 | 2023-06-13 |
| 4692 | WRITE UP – TELEGRAM BUG BOUNTY – WHATSAPP N/A [“Blind” XSS Stored iOS in messengers twins, who really care about your security?] |
Blind XSS |
Meta / Facebook |
Omar Espino (@omespino) |
Bug Bounty | 2018-07-16 | 2023-06-13 |
| 4681 | Google Assistant Bug Worth $3133.7 ! |
Reflected XSS |
Google |
Circle Ninja (@circleninja) |
Bug Bounty | 2018-07-21 | 2023-06-13 |
| 4673 | How I found XSS on Amazon? |
XSS |
Amazon (CloudFront) |
Coding_Karma (@karma_coded) |
Bug Bounty | 2018-07-26 | 2023-06-13 |
| 4670 | Microsoft Office 365 Stored XSS |
Stored XSS |
Microsoft |
Pethuraj (@Pethuraj) |
Bug Bounty | 2018-07-29 | 2023-06-13 |
| 4669 | Yahoo — Two XSSi vulnerabilities chained to steal user information. ($750 Bounty) |
XSSI |
Yahoo! / Verizon Media |
Brian Hyde (@0xHyde) |
Bug Bounty | 2018-07-29 | 2023-06-13 |
| 4661 | Blind-XSS in Chrome Experiments - Google (Write Up) |
Blind XSS |
Google |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2018-08-03 | 2023-06-13 |
| 4660 | Stored XSS in GameSkinny |
Stored XSS |
GameSkinny |
Friendly (@SkeletorKeys) |
Bug Bounty | 2018-08-03 | 2023-06-13 |
| 4659 | Blind-XSS in Chrome Experiments - Google (Write Up) |
Blind XSS |
Google |
Evan Ricafort (@evanricafort) |
Bug Bounty | 2018-08-03 | 2023-06-13 |
| 4657 | Reflected XSS Primagames.com |
Reflected XSS |
Prima Games |
Friendly (@SkeletorKeys) |
Bug Bounty | 2018-08-06 | 2023-06-13 |
| 4656 | Self XSS leads to blind XSS and reflected XSS. |
Blind XSS
Reflected XSS |
NA |
Friendly (@SkeletorKeys) |
Bug Bounty | 2018-08-06 | 2023-06-13 |
| 4636 | XSS at Hubspot and XSS in email areas. |
XSS |
HubSpot |
Friendly (@SkeletorKeys) |
Bug Bounty | 2018-08-13 | 2023-06-13 |
| 4633 | 3 Minutes & XSS! |
XSS |
Edmodo |
Ashish Jha |
Bug Bounty | 2018-08-17 | 2023-06-13 |
