| 4628 | Liking GitHub repositories on behalf of other users — Stored XSS in WebComponents.org |
Stored XSS |
Webcomponents.org |
Thomas Orlita (@ThomasOrlita) |
Bug Bounty | 2018-08-23 | 2023-06-13 |
| 4624 | My first valid xss(@Hackerone) |
XSS |
NA |
Jatin Aesthetic (@techyfreakk) |
Bug Bounty | 2018-08-25 | 2023-06-13 |
| 4620 | Reflected Swf XSS at ( https://plugins.svn.wordpress.org ) |
Flash XSS
Reflected XSS |
WordPress |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4616 | Reflected XSS in Django REST Framework Api at MapBox Subdomain |
Reflected XSS |
Mapbox |
Mohamed Haron (@m7mdharon) |
Bug Bounty | 2018-08-29 | 2023-06-13 |
| 4615 | $100 Bounty in 300 seconds isn’t bad !!! |
Stored XSS |
Zoho |
Rohan Chavan (@rohanchavan1918) |
Bug Bounty | 2018-08-31 | 2023-06-13 |
| 4614 | Pwned Together: Hacking dev.to |
Stored XSS |
Dev.to |
Antony Garand (@AntoGarand) |
Bug Bounty | 2018-08-31 | 2023-06-13 |
| 4605 | Write-up - Love story, from closed as informative to $3,500 USD, XSS stored in Yahoo! iOS MaiL app |
Stored XSS |
Yahoo! / Verizon Media |
Omar Espino (@omespino) |
Bug Bounty | 2018-09-07 | 2023-06-13 |
| 4601 | Reflected XSS in Google Code Jam |
Reflected XSS |
Google |
Thomas Orlita (@ThomasOrlita) |
Bug Bounty | 2018-09-08 | 2023-06-13 |
| 4600 | Stored XSS Vulnerability in Tumblr |
Stored XSS |
Automattic |
Anas Mahmood (@AnasIsHere) |
Bug Bounty | 2018-09-08 | 2023-06-13 |
| 4598 | ZOL Zimbabwe Authentication Bypass to XSS & SQLi Vulnerability – Bug Bounty POC |
XSS
SQL injection |
ZOL Zimbabwe |
Muhammad Khizer Javed (@khizer_javed47) |
Bug Bounty | 2018-09-09 | 2023-06-13 |
| 4596 | Stored XSS Vulnerability in H1C Private site |
Stored XSS |
NA |
Anas Mahmood (@AnasIsHere) |
Bug Bounty | 2018-09-09 | 2023-06-13 |
| 4589 | Reflected DOM XSS and CLICKJACKING on https://silvergoldbull.de/bt.html |
DOM XSS
Clickjacking |
Silver Gold Bull |
Daniel Maksimovic |
Bug Bounty | 2018-09-13 | 2023-06-13 |
| 4587 | Hacking your own antivirus for fun and profit (Safe browsing gone wrong) |
Reflected XSS |
Bullguard |
Martin Thirup Christensen (@Mthirup) |
Bug Bounty | 2018-09-14 | 2023-06-13 |
| 4585 | Persistent Cross-Site Scripting on redacted worth $2,000 |
Stored XSS |
NA |
Muhammad Asim Shahzad (@protector47) |
Bug Bounty | 2018-09-15 | 2023-06-13 |
| 4582 | XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites |
XSS |
Google |
Randy Westergren (@RandyWestergren) |
Bug Bounty | 2018-09-17 | 2023-06-13 |
| 4581 | Reflected XSS at Philips.com |
Reflected XSS |
Philips |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2018-09-17 | 2023-06-13 |
| 4578 | How i bypassed AKAMAI KONA WAF , XSS in overstock.com ! |
XSS |
Overstock.com |
Oktavandi (@0ktavandi) |
Bug Bounty | 2018-09-18 | 2023-06-13 |
| 4574 | Another XSS in Google Colaboratory |
XSS |
Google |
Michał Bentkowski (@SecurityMB) |
Bug Bounty | 2018-09-20 | 2023-06-13 |
| 4572 | R-XSS -> CSRF bypass to account takeover/ |
Reflected XSS
CSRF |
NA |
Nirmal Dahal (@TheNittam) |
Bug Bounty | 2018-09-21 | 2023-06-13 |
| 4571 | How I XSS’ed Uber and Bypassed CSP |
Reflected XSS |
Uber |
Efkan (@mefkansec) |
Bug Bounty | 2018-09-22 | 2023-06-13 |
| 4568 | Weaponizing XSS Attacking Internal System |
Blind XSS |
NA |
Rahul R |
Bug Bounty | 2018-09-25 | 2023-06-13 |
| 4567 | [XSS] survey.dropbox.com |
XSS |
Dropbox |
Kumar |
Bug Bounty | 2018-09-25 | 2023-06-13 |
| 4557 | Collecting Shells by the Sea of NAS Vulnerabilities |
OS command injection
XSS
CSRF |
Lenovo |
Rick Ramgattie (@RRamgattie) |
Bug Bounty | 2018-10-01 | 2023-06-13 |
| 4556 | How i found Stored xss on your-domain.redacted.com |
XSS |
NA |
Rudra Sarkar (@rudr4_sarkar) |
Bug Bounty | 2018-10-02 | 2023-06-13 |
| 4555 | Applying a small bypass to steal Facebook Session tokens in Uber |
XSS
CSP bypass
OAuth |
Uber |
Samuel (@saamux) |
Bug Bounty | 2018-10-02 | 2023-06-13 |
