Writeups Bug Bounty hackerone
Information Disclosure
https://hackerone.com/reports/321249https://hackerone.com/reports/200079https://hackerone.com/reports/975047https://hackerone.com/reports/724944https://hackerone.com/reports/188719https://hackerone.com/reports/290930https://hackerone.com/reports/703600https://hackerone.com/reports/669438https://hackerone.com/reports/775123https://hackerone.com/reports/542340https://hackerone.com/reports/268888https://hackerone.com/reports/689997https://hackerone.com/reports/489146https://hackerone.com/reports/961757https://hackerone.com/reports/801197https://hackerone.com/reports/963352https://hackerone.com/reports/805027https://hackerone.com/reports/410015https://hackerone.com/reports/378122https://hackerone.com/reports/237232https://hackerone.com/reports/707433https://hackerone.com/reports/674757https://hackerone.com/reports/812351https://hackerone.com/reports/640488https://hackerone.com/reports/807448
subdomain takeover
https://hackerone.com/reports/294201https://hackerone.com/reports/202767https://hackerone.com/reports/863551https://hackerone.com/reports/661751https://hackerone.com/reports/869605https://hackerone.com/reports/484420https://hackerone.com/reports/779442https://hackerone.com/reports/325336https://hackerone.com/reports/317005
AWS
https://hackerone.com/reports/507097https://hackerone.com/reports/128088https://hackerone.com/reports/819278https://hackerone.com/reports/819278https://hackerone.com/reports/700051https://hackerone.com/reports/209223https://hackerone.com/reports/764243https://hackerone.com/reports/809212https://hackerone.com/reports/222724https://hackerone.com/reports/229690https://hackerone.com/reports/278191https://hackerone.com/reports/710319https://hackerone.com/reports/163476https://hackerone.com/reports/877303https://hackerone.com/reports/57505https://hackerone.com/reports/398400
Host Header Injection
https://hackerone.com/reports/698416https://hackerone.com/reports/758380https://hackerone.com/reports/158019https://hackerone.com/reports/182670https://hackerone.com/reports/13286https://hackerone.com/reports/229498https://hackerone.com/reports/170333https://hackerone.com/reports/221908https://hackerone.com/reports/264405https://hackerone.com/reports/226659https://hackerone.com/reports/94637https://hackerone.com/reports/791293https://hackerone.com/reports/123513https://hackerone.com/reports/158482https://hackerone.com/reports/7357https://hackerone.com/reports/157465https://hackerone.com/reports/548094https://hackerone.com/reports/167631https://hackerone.com/reports/301592https://hackerone.com/reports/167809https://hackerone.com/reports/283786
Open Redirect
https://hackerone.com/reports/206591https://hackerone.com/reports/125791https://hackerone.com/reports/260744https://hackerone.com/reports/330008https://hackerone.com/reports/726375https://hackerone.com/reports/158434https://hackerone.com/reports/497664https://hackerone.com/reports/104087https://hackerone.com/reports/240091https://hackerone.com/reports/749338https://hackerone.com/reports/87027https://hackerone.com/reports/87027https://hackerone.com/reports/126203https://hackerone.com/reports/101962https://hackerone.com/reports/165046https://hackerone.com/reports/143240https://hackerone.com/reports/159522https://hackerone.com/reports/111968https://hackerone.com/reports/140447https://hackerone.com/reports/125003https://hackerone.com/reports/692154https://hackerone.com/reports/753399https://hackerone.com/reports/311330https://hackerone.com/reports/311330https://hackerone.com/reports/683298https://hackerone.com/reports/562417https://hackerone.com/reports/469803https://hackerone.com/reports/320376https://hackerone.com/reports/57163https://hackerone.com/reports/246897https://hackerone.com/reports/625546https://hackerone.com/reports/101962https://hackerone.com/reports/390663https://hackerone.com/reports/473064https://hackerone.com/reports/26962https://hackerone.com/reports/373916https://hackerone.com/reports/131552https://hackerone.com/reports/380939https://hackerone.com/reports/608031https://hackerone.com/reports/171398https://hackerone.com/reports/171398https://hackerone.com/reports/677617https://hackerone.com/reports/562417https://hackerone.com/reports/193027https://hackerone.com/reports/503922https://hackerone.com/reports/209520
XSS
https://hackerone.com/reports/840759 (Reflected)https://hackerone.com/reports/438240 (Reflected)https://hackerone.com/reports/438240 (Reflected)https://hackerone.com/reports/774792 (Reflected)https://hackerone.com/reports/986386 (Reflected)https://hackerone.com/reports/292457 (Reflected)https://hackerone.com/reports/971360 (Reflected)https://hackerone.com/reports/409230 (Reflected)https://hackerone.com/reports/639796 (Reflected)https://hackerone.com/reports/191810 (Reflected)https://hackerone.com/reports/915573 (Reflected)https://hackerone.com/reports/301680 (Reflected)https://hackerone.com/reports/150568 (Reflected)https://hackerone.com/reports/629745 (Reflected)https://hackerone.com/reports/540428 (Reflected)https://hackerone.com/reports/314518 (Reflected)https://hackerone.com/reports/384112 (Reflected)https://hackerone.com/reports/470206 (Reflected)https://hackerone.com/reports/496375 (Reflected)https://hackerone.com/reports/557389 (Reflected)https://hackerone.com/reports/311639 (Reflected)https://hackerone.com/reports/179426 (Reflected)https://hackerone.com/reports/772116 (Reflected)https://hackerone.com/reports/484905 (Reflected)https://hackerone.com/reports/150837 (Reflected)https://hackerone.com/reports/324442 (Reflected)https://hackerone.com/reports/789652 (Reflected)https://hackerone.com/reports/950700 (Reflected)https://hackerone.com/reports/770349 (Reflected)https://hackerone.com/reports/840759 (Reflected)https://hackerone.com/reports/415139 (Reflected)https://hackerone.com/reports/751870 (Reflected)https://hackerone.com/reports/485748 (stored)https://hackerone.com/reports/942859 (Stored)https://hackerone.com/reports/380103 (Stored)https://hackerone.com/reports/380103 (Stored)https://hackerone.com/reports/974271 (Stored)https://hackerone.com/reports/411690 (Stored)https://hackerone.com/reports/643908 (Stored)https://hackerone.com/reports/942859 (Stored)https://hackerone.com/reports/484434 (Stored)https://hackerone.com/reports/647130 (Stored)https://hackerone.com/reports/876148 (DOM)https://hackerone.com/reports/708592 (DOM)https://hackerone.com/reports/702981 (DOM)https://hackerone.com/reports/954613 (DOM)https://hackerone.com/reports/405191 (DOM)https://hackerone.com/reports/156166 (DOM)https://hackerone.com/reports/499030 (DOM)https://hackerone.com/reports/753971 (DOM)https://hackerone.com/reports/545121 (DOM)https://hackerone.com/reports/507139 (DOM)https://hackerone.com/reports/324303 (DOM)https://hackerone.com/reports/508228 (DOM)https://hackerone.com/reports/396493 (DOM)https://hackerone.com/reports/868934 (DOM)https://hackerone.com/reports/398054 (DOM)https://hackerone.com/reports/882546 (DOM)https://hackerone.com/reports/767944 (DOM)https://hackerone.com/reports/704266 (DOM)https://hackerone.com/reports/526265 (DOM)https://hackerone.com/reports/508517 (DOM)https://hackerone.com/reports/474656 (DOM)https://hackerone.com/reports/241619 (DOM)https://hackerone.com/reports/282909 (DOM)https://hackerone.com/reports/297968 (DOM)https://hackerone.com/reports/377264 (DOM)https://hackerone.com/reports/142609 (DOM)https://hackerone.com/reports/125498 (DOM)https://hackerone.com/reports/168165 (DOM)https://hackerone.com/reports/603764 (DOM)https://hackerone.com/reports/232432 (Universal)
Server Side Template Injection
https://hackerone.com/reports/423541https://hackerone.com/reports/164224https://hackerone.com/reports/399462https://hackerone.com/reports/271960https://hackerone.com/reports/944359https://hackerone.com/reports/125980
CORS
https://hackerone.com/reports/758785https://hackerone.com/reports/426165https://hackerone.com/reports/426147https://hackerone.com/reports/896093https://hackerone.com/reports/769058https://hackerone.com/reports/733017https://hackerone.com/reports/954512https://hackerone.com/reports/796557https://hackerone.com/reports/430249https://hackerone.com/reports/577969https://hackerone.com/reports/235200https://hackerone.com/reports/470298https://hackerone.com/reports/168574https://hackerone.com/reports/768151https://hackerone.com/reports/310579https://hackerone.com/reports/688567https://hackerone.com/reports/761726https://hackerone.com/reports/163491https://hackerone.com/reports/317391
SQL
https://hackerone.com/reports/20279https://hackerone.com/reports/227102https://hackerone.com/reports/214798https://hackerone.com/reports/447742https://hackerone.com/reports/310031https://hackerone.com/reports/237597https://hackerone.com/reports/531051https://hackerone.com/reports/519631https://hackerone.com/reports/381758https://hackerone.com/reports/164684https://hackerone.com/reports/81701https://hackerone.com/reports/488795https://hackerone.com/reports/273946https://hackerone.com/reports/816254https://hackerone.com/reports/982202https://hackerone.com/reports/225098https://hackerone.com/reports/123660https://hackerone.com/reports/319279https://hackerone.com/reports/460428https://hackerone.com/reports/291764https://hackerone.com/reports/297478https://hackerone.com/reports/518669https://hackerone.com/reports/311244https://hackerone.com/reports/353784https://hackerone.com/reports/758654 (blind)https://hackerone.com/reports/295841 (blind)https://hackerone.com/reports/838855 (blind)https://hackerone.com/reports/363815 (blind)https://hackerone.com/reports/313037 (blind)https://hackerone.com/reports/242882 (blind)https://hackerone.com/reports/789259 (blind)https://hackerone.com/reports/433792 (blind)https://hackerone.com/reports/117073 (blind)https://hackerone.com/reports/786044 (blind)https://hackerone.com/reports/732430 (blind)https://hackerone.com/reports/221757 (blind)https://hackerone.com/reports/836079 (blind)https://hackerone.com/reports/592400 (blind)https://hackerone.com/reports/836079 (blind)https://hackerone.com/reports/398131 (blind)https://hackerone.com/reports/488795 (blind)https://hackerone.com/reports/549355 (blind)https://hackerone.com/reports/648346 (Boolean)https://hackerone.com/reports/745938 (Boolean)https://hackerone.com/reports/301257 (Boolean)https://hackerone.com/reports/297534 (Boolean)https://hackerone.com/reports/384397 (Boolean)https://hackerone.com/reports/246412 (Boolean)https://hackerone.com/reports/214798 (Boolean)
CRLF injection
https://hackerone.com/reports/858650https://hackerone.com/reports/446271https://hackerone.com/reports/237357https://hackerone.com/reports/245485https://hackerone.com/reports/52042https://hackerone.com/reports/217058https://hackerone.com/reports/53843https://hackerone.com/reports/590020https://hackerone.com/reports/332708https://hackerone.com/reports/234758https://hackerone.com/reports/192667https://hackerone.com/reports/192667https://hackerone.com/reports/66391https://hackerone.com/reports/761222https://hackerone.com/reports/145128https://hackerone.com/reports/145128https://hackerone.com/reports/796013https://hackerone.com/reports/197279https://hackerone.com/reports/192749https://hackerone.com/reports/171473
Command Injection
https://hackerone.com/reports/821962https://hackerone.com/reports/871071https://hackerone.com/reports/951249https://hackerone.com/reports/661959https://hackerone.com/reports/690010https://hackerone.com/reports/685447https://hackerone.com/reports/807961https://hackerone.com/reports/497312https://hackerone.com/reports/680480https://hackerone.com/reports/863944https://hackerone.com/reports/303061https://hackerone.com/reports/340208https://hackerone.com/reports/495382https://hackerone.com/reports/863944https://hackerone.com/reports/863956https://hackerone.com/reports/389561https://hackerone.com/reports/950192https://hackerone.com/reports/394294https://hackerone.com/reports/394294https://hackerone.com/reports/146735https://hackerone.com/reports/544928https://hackerone.com/reports/390865https://hackerone.com/reports/651518https://hackerone.com/reports/546753https://hackerone.com/reports/688270https://hackerone.com/reports/688270https://hackerone.com/reports/212696https://hackerone.com/reports/508487
XPath
LDAP
https://hackerone.com/reports/359290https://hackerone.com/reports/956295https://hackerone.com/reports/787113https://hackerone.com/reports/906959https://hackerone.com/reports/907311https://hackerone.com/reports/1050706
GraphQL injection
https://hackerone.com/reports/435066https://hackerone.com/reports/350964https://hackerone.com/reports/800231https://hackerone.com/reports/291531https://hackerone.com/reports/885539https://hackerone.com/reports/419883https://hackerone.com/reports/633001https://hackerone.com/reports/291531https://hackerone.com/reports/707406https://hackerone.com/reports/342978https://hackerone.com/reports/380317https://hackerone.com/reports/792927https://hackerone.com/reports/707433
CSRF
https://hackerone.com/reports/339352https://hackerone.com/reports/834366https://hackerone.com/reports/293016https://hackerone.com/reports/577920https://hackerone.com/reports/127703https://hackerone.com/reports/334253https://hackerone.com/reports/856518https://hackerone.com/reports/513137https://hackerone.com/reports/177472https://hackerone.com/reports/419891https://hackerone.com/reports/766533https://hackerone.com/reports/152569https://hackerone.com/reports/802930https://hackerone.com/reports/800356https://hackerone.com/reports/395731https://hackerone.com/reports/361184https://hackerone.com/reports/878443https://hackerone.com/reports/856981https://hackerone.com/reports/148156https://hackerone.com/reports/905831https://hackerone.com/reports/244778https://hackerone.com/reports/267867https://hackerone.com/reports/7516https://hackerone.com/reports/223329https://hackerone.com/reports/1003468https://hackerone.com/reports/13705https://hackerone.com/reports/2857https://hackerone.com/reports/2857
SSRF
https://hackerone.com/reports/514224https://hackerone.com/reports/793704https://hackerone.com/reports/643622https://hackerone.com/reports/737161https://hackerone.com/reports/382048https://hackerone.com/reports/341876https://hackerone.com/reports/885975https://hackerone.com/reports/1006599https://hackerone.com/reports/207477https://hackerone.com/reports/738553https://hackerone.com/reports/326040https://hackerone.com/reports/310036https://hackerone.com/reports/530974https://hackerone.com/reports/852413https://hackerone.com/reports/386292https://hackerone.com/reports/923132https://hackerone.com/reports/361793https://hackerone.com/reports/815084https://hackerone.com/reports/816848
Remote File Inclusion
https://hackerone.com/reports/660565https://hackerone.com/reports/14092https://hackerone.com/reports/208481https://hackerone.com/reports/346575
Local File Inclusion
https://hackerone.com/reports/492767https://hackerone.com/reports/59665https://hackerone.com/reports/1007799https://hackerone.com/reports/895972https://hackerone.com/reports/179034https://hackerone.com/reports/7779https://hackerone.com/reports/415233https://hackerone.com/reports/147570https://hackerone.com/reports/390013https://hackerone.com/reports/538771https://hackerone.com/reports/183978
Path Traversal
https://hackerone.com/reports/579517https://hackerone.com/reports/820224https://hackerone.com/reports/820224https://hackerone.com/reports/229622https://hackerone.com/reports/310943https://hackerone.com/reports/403707https://hackerone.com/reports/306607https://hackerone.com/reports/310671https://hackerone.com/reports/593911https://hackerone.com/reports/342066https://hackerone.com/reports/411405https://hackerone.com/reports/309124https://hackerone.com/reports/311218https://hackerone.com/reports/432600https://hackerone.com/reports/355501https://hackerone.com/reports/329837https://hackerone.com/reports/686343https://hackerone.com/reports/765291https://hackerone.com/reports/312889https://hackerone.com/reports/530289https://hackerone.com/reports/310690https://hackerone.com/reports/315760https://hackerone.com/reports/217344https://hackerone.com/reports/497771https://hackerone.com/reports/695416https://hackerone.com/reports/510043https://hackerone.com/reports/692262https://hackerone.com/reports/570035https://hackerone.com/reports/311216https://hackerone.com/reports/301862
XXE
https://hackerone.com/reports/500515https://hackerone.com/reports/312543https://hackerone.com/reports/486732https://hackerone.com/reports/227880https://hackerone.com/reports/334488https://hackerone.com/reports/762251https://hackerone.com/reports/248668https://hackerone.com/reports/483774https://hackerone.com/reports/836877
Session hijacking
https://hackerone.com/reports/163381https://hackerone.com/reports/167460https://hackerone.com/reports/19640https://hackerone.com/reports/137480https://hackerone.com/reports/124976https://hackerone.com/reports/242407https://hackerone.com/reports/263873https://hackerone.com/reports/745324
Session Fixation
https://hackerone.com/reports/423136https://hackerone.com/reports/135797https://hackerone.com/reports/135797https://hackerone.com/reports/135797https://hackerone.com/reports/135797https://hackerone.com/reports/167698https://hackerone.com/reports/193556https://hackerone.com/reports/2582https://hackerone.com/reports/255020https://hackerone.com/reports/163381https://hackerone.com/reports/745324https://hackerone.com/reports/434715https://hackerone.com/reports/284
IDOR
https://hackerone.com/reports/42587https://hackerone.com/reports/328337https://hackerone.com/reports/751577https://hackerone.com/reports/56511https://hackerone.com/reports/204984https://hackerone.com/reports/194790https://hackerone.com/reports/404797https://hackerone.com/reports/283419https://hackerone.com/reports/254151https://hackerone.com/reports/243943https://hackerone.com/reports/156537https://hackerone.com/reports/398316https://hackerone.com/reports/194594https://hackerone.com/reports/661978https://hackerone.com/reports/199321https://hackerone.com/reports/544329https://hackerone.com/reports/333767https://hackerone.com/reports/265258https://hackerone.com/reports/365504https://hackerone.com/reports/510759https://hackerone.com/reports/262661https://hackerone.com/reports/547663https://hackerone.com/reports/663431https://hackerone.com/reports/291721https://hackerone.com/reports/268167https://hackerone.com/reports/766437https://hackerone.com/reports/762707https://hackerone.com/reports/265284Authentication bypass
https://hackerone.com/reports/219205https://hackerone.com/reports/770504https://hackerone.com/reports/209008https://hackerone.com/reports/257305https://hackerone.com/reports/576504https://hackerone.com/reports/838231https://hackerone.com/reports/350288https://hackerone.com/reports/812064https://hackerone.com/reports/2233https://hackerone.com/reports/739321https://hackerone.com/reports/168108https://hackerone.com/reports/922456https://hackerone.com/reports/897385https://hackerone.com/reports/335330https://hackerone.com/reports/145629https://hackerone.com/reports/783258https://hackerone.com/reports/146129https://hackerone.com/reports/699082https://hackerone.com/reports/665722https://hackerone.com/reports/194832https://hackerone.com/reports/418767https://hackerone.com/reports/648222https://hackerone.com/reports/895172https://hackerone.com/reports/187705https://hackerone.com/reports/270981https://hackerone.com/reports/205000https://hackerone.com/reports/121696https://hackerone.com/reports/637194https://hackerone.com/reports/172137https://hackerone.com/reports/322985https://hackerone.com/reports/791775
default credentials
https://hackerone.com/reports/799898https://hackerone.com/reports/544334https://hackerone.com/reports/235216https://hackerone.com/reports/62531https://hackerone.com/reports/187025https://hackerone.com/reports/792895https://hackerone.com/reports/136454https://hackerone.com/reports/753602https://hackerone.com/reports/877402https://hackerone.com/reports/195163https://hackerone.com/reports/398797https://hackerone.com/reports/221333https://hackerone.com/reports/195163
oauth
https://hackerone.com/reports/922456https://hackerone.com/reports/5314https://hackerone.com/reports/5786https://hackerone.com/reports/131202https://hackerone.com/reports/3930https://hackerone.com/reports/665651https://hackerone.com/reports/405100https://hackerone.com/reports/110293https://hackerone.com/reports/202781https://hackerone.com/reports/314808https://hackerone.com/reports/3930https://hackerone.com/reports/314814https://hackerone.com/reports/541701https://hackerone.com/reports/739321https://hackerone.com/reports/87040https://hackerone.com/reports/740989https://hackerone.com/reports/55525https://hackerone.com/reports/434763https://hackerone.com/reports/46485https://hackerone.com/reports/343111https://hackerone.com/reports/55140https://hackerone.com/reports/7900
JWT
https://hackerone.com/reports/853145https://hackerone.com/reports/638635https://hackerone.com/reports/213437https://hackerone.com/reports/748214https://hackerone.com/reports/896649
SAML
https://hackerone.com/reports/812064https://hackerone.com/reports/888930https://hackerone.com/reports/223014https://hackerone.com/reports/168108https://hackerone.com/reports/178345https://hackerone.com/reports/324005https://hackerone.com/reports/171398https://hackerone.com/reports/438306https://hackerone.com/reports/106865
2FA
https://hackerone.com/reports/701901https://hackerone.com/reports/783258https://hackerone.com/reports/418767https://hackerone.com/reports/897385https://hackerone.com/reports/895722https://hackerone.com/reports/149598https://hackerone.com/reports/264090https://hackerone.com/reports/128085https://hackerone.com/reports/587910https://hackerone.com/reports/145629https://hackerone.com/reports/665722https://hackerone.com/reports/810880https://hackerone.com/reports/128777
Race Conditions
https://hackerone.com/reports/146845https://hackerone.com/reports/604534https://hackerone.com/reports/429026https://hackerone.com/reports/927384https://hackerone.com/reports/759247https://hackerone.com/reports/165570https://hackerone.com/reports/488985https://hackerone.com/reports/37240https://hackerone.com/reports/454949https://hackerone.com/reports/47227https://hackerone.com/reports/55140https://hackerone.com/reports/429026https://hackerone.com/reports/119657https://hackerone.com/reports/509629https://hackerone.com/reports/759247https://hackerone.com/reports/381356https://hackerone.com/reports/317557https://hackerone.com/reports/220445https://hackerone.com/reports/183624https://hackerone.com/reports/146845https://hackerone.com/reports/604534https://hackerone.com/reports/488985https://hackerone.com/reports/454949https://hackerone.com/reports/176127https://hackerone.com/reports/148609https://hackerone.com/reports/768110https://hackerone.com/reports/214028https://hackerone.com/reports/187134https://hackerone.com/reports/331940https://hackerone.com/reports/106360https://hackerone.com/reports/59179https://hackerone.com/reports/115007https://hackerone.com/reports/395351https://hackerone.com/reports/395351https://hackerone.com/reports/157996
Type Juggling
rate limiting
https://hackerone.com/reports/170310https://hackerone.com/reports/165727https://hackerone.com/reports/723974https://hackerone.com/reports/764122https://hackerone.com/reports/64666https://hackerone.com/reports/947349https://hackerone.com/reports/224460https://hackerone.com/reports/1029723https://hackerone.com/reports/903363https://hackerone.com/reports/791498https://hackerone.com/reports/157750https://hackerone.com/reports/905816
HTTP parameter pollution
https://hackerone.com/reports/335339https://hackerone.com/reports/298265https://hackerone.com/reports/106024https://hackerone.com/reports/105953Web cache poisoning
https://hackerone.com/reports/492841https://hackerone.com/reports/429747https://hackerone.com/reports/622122https://hackerone.com/reports/977851https://hackerone.com/reports/728664https://hackerone.com/reports/534297https://hackerone.com/reports/960618https://hackerone.com/reports/409370https://hackerone.com/reports/303730https://hackerone.com/reports/504514https://hackerone.com/reports/84601https://hackerone.com/reports/397508https://hackerone.com/reports/921704https://hackerone.com/reports/394016https://hackerone.com/reports/487https://hackerone.com/reports/550266https://hackerone.com/reports/593712
Web cache deception
https://hackerone.com/reports/439021https://hackerone.com/reports/537564https://hackerone.com/reports/537564https://hackerone.com/reports/397508https://hackerone.com/reports/492841https://hackerone.com/reports/504261https://hackerone.com/reports/394016https://hackerone.com/reports/415168https://hackerone.com/reports/260697
HTTP request Smuggling
https://hackerone.com/reports/867952https://hackerone.com/reports/866382https://hackerone.com/reports/726773https://hackerone.com/reports/737140https://hackerone.com/reports/715996https://hackerone.com/reports/919175https://hackerone.com/reports/713285https://hackerone.com/reports/694604https://hackerone.com/reports/771666https://hackerone.com/reports/643225https://hackerone.com/reports/922597https://hackerone.com/reports/498052https://hackerone.com/reports/498052https://hackerone.com/reports/777651https://hackerone.com/reports/735748https://hackerone.com/reports/735748https://hackerone.com/reports/526880https://hackerone.com/reports/919988https://hackerone.com/reports/648434https://hackerone.com/reports/753939
RCE
https://hackerone.com/reports/591295https://hackerone.com/reports/470520https://hackerone.com/reports/181879https://hackerone.com/reports/658013https://hackerone.com/reports/351014https://hackerone.com/reports/658013https://hackerone.com/reports/403417https://hackerone.com/reports/631956https://hackerone.com/reports/303061https://hackerone.com/reports/269066https://hackerone.com/reports/139879https://hackerone.com/reports/212696https://hackerone.com/reports/502758https://hackerone.com/reports/683957https://hackerone.com/reports/592400https://hackerone.com/reports/73567https://hackerone.com/reports/513154https://hackerone.com/reports/31756https://hackerone.com/reports/260005https://hackerone.com/reports/198734https://hackerone.com/reports/206227https://hackerone.com/reports/113928https://hackerone.com/reports/473888https://hackerone.com/reports/134738https://hackerone.com/reports/274990https://hackerone.com/reports/178152https://hackerone.com/reports/227880https://hackerone.com/reports/248116https://hackerone.com/reports/191884https://hackerone.com/reports/576887https://hackerone.com/reports/158330https://hackerone.com/reports/546753https://hackerone.com/reports/678496https://hackerone.com/reports/276031https://hackerone.com/reports/730121
Clickjacking
https://hackerone.com/reports/776932https://hackerone.com/reports/832593https://hackerone.com/reports/163753https://hackerone.com/reports/244697https://hackerone.com/reports/728004https://hackerone.com/reports/583624https://hackerone.com/reports/405342https://hackerone.com/reports/357954https://hackerone.com/reports/8724https://hackerone.com/reports/299009https://hackerone.com/reports/347782https://hackerone.com/reports/737625https://hackerone.com/reports/230581https://hackerone.com/reports/305128https://hackerone.com/reports/289246https://hackerone.com/reports/591432https://hackerone.com/reports/179839https://hackerone.com/reports/712376https://hackerone.com/reports/85624https://hackerone.com/reports/530008https://hackerone.com/reports/119828https://hackerone.com/reports/103178https://hackerone.com/reports/272387
Deserialization
https://hackerone.com/reports/153026(java)https://hackerone.com/reports/221294 (java)https://hackerone.com/reports/329399 (java)https://hackerone.com/reports/350401 (java)https://hackerone.com/reports/350418 (java)https://hackerone.com/reports/415501 (php)https://hackerone.com/reports/403083 (php)https://hackerone.com/reports/274990 (ruby)https://hackerone.com/reports/413388 (ruby)https://hackerone.com/reports/473888 (ruby
Mass Assignment Vulnerability
websocket
https://hackerone.com/reports/178990https://hackerone.com/reports/409850https://hackerone.com/reports/395729https://hackerone.com/reports/163464https://hackerone.com/reports/512065https://hackerone.com/reports/1023669
Account Takeover
https://hackerone.com/reports/314808https://hackerone.com/reports/317476https://hackerone.com/reports/538800https://hackerone.com/reports/121827https://hackerone.com/reports/1058015https://hackerone.com/reports/1004536https://hackerone.com/reports/1018270https://hackerone.com/reports/410099https://hackerone.com/reports/127703https://hackerone.com/reports/745324https://hackerone.com/reports/843160https://hackerone.com/reports/987751https://hackerone.com/reports/463330https://hackerone.com/reports/950881https://hackerone.com/reports/240821https://hackerone.com/reports/969223https://hackerone.com/reports/423022https://hackerone.com/reports/855618https://hackerone.com/reports/215859https://hackerone.com/reports/810880https://hackerone.com/reports/867513https://hackerone.com/reports/670924https://hackerone.com/reports/847452https://hackerone.com/reports/17512https://hackerone.com/reports/905607https://hackerone.com/reports/915114https://hackerone.com/reports/542047https://hackerone.com/reports/796956