-
See https://hackerone.com/reports/274267 for example
-
```
C:\programming\luau\0.627\Compiler\src\Compiler.cpp(2463,52): warning : missing field 'reg' initializer [-Wmissing-field-initializers]
C:\programming\luau\0.627\Compiler\src\Compiler.cpp(2473,54…
-
- [ ] Document existing state (we do only check the policy on password changes)
- [ ] Consider performing the password policy check also on login time
Reference https://hackerone.com/reports/11693…
-
Similar to this https://github.com/brave/brave-browser/issues/36184 we should add `` element from the original page to the Reader Mode
Relevant reports:
https://hackerone.com/reports/2376883
https:…
-
## Service name
Microsoft Azure
## Proof
There is no general approach for PoC. Microsoft Azure offers multiple services (CloudApp, Azure Websites, etc.) that use different domain names.
Ge…
-
Hi,
I have reported an High severity security vulnerability related to this repository on [DiDi Labs Hackerone](https://hackerone.com/didilabs) Bug Bounty program on 14th may 2024. But no response …
nvk0x updated
2 months ago
-
Service name
webflow
Website
https://webflow.com/
Report
https://hackerone.com/reports/399165
Subdomain takeover through webflow is possible but for creating POC you need a paid account …
-
## HubSpot
## Proof
Example of https://hackerone.com/reports/38007
## Doc
I do the same takeover last 2 days so The vulnerability is still exist .
-
Steps To Reproduce:
1. Enable Brave News
2. In Brave settings (brave://settings/shields), set "Upgrade connections to HTTPS" to "Strict"
3. Open WireShark. Enable capturing. Set the display filte…
-
Reusing a CSRF token throughout a browser session is theoretically not as secure as generating a different one for every form.
Reports: and .