-
**What would you like to happen?**
What do you think about adding to every test scenario possible bug bounty reports that are relevant and provide value?
One example would be for file upload XSS sin…
-
TIL: Our current mobile script injection technique violates some CSPs!
I just got off a call with a team that currently can't use MetaMask because their page's CSP refuses to interact with an inlin…
-
After taking another look at your application, I noticed in the ajax_calls.php file in the "save_img" action that the "name" parameter doesn't validate the extension of the file.
This makes it possibl…
-
Might be useful to:
A) have a new page/section for common exploits in programs and code snippets for how they’re fixed
B) have a new page/section for program security as a whole which would include …
-
## Context
On Bug Buster, we're aiming to support Smart Contract Bounties soon.
To this end, we need an Ethereum node running inside the machine.
We've found `reth` to be a suitable candidate, in…
-
It'd be a really good idea to rate limit per domain (or maybe per IP) to prevent hammering hosts when there aren't many prefixes.
-
Reporting client info: Client Information:
BYOND:515.1643
Key:echofamilyoffi
## Round ID:
[7003](https://scrubby.melonmesa.com/round/7003)
## Testmerges:
- [[DNM] Plexora](https://github.com/Mo…
-
We've been working on Super Editor for three years. In that time we've enjoyed funding from companies including Superlist, ClickUp, Turtle, Clearful, Bringing Fire, and Reflection. Our goal from the b…
-
Reporting client info: Client Information:
BYOND:515.1641
Key:theprofit
## Round ID:
[7168](https://scrubby.melonmesa.com/round/7168)
## Testmerges:
- [[DNM] Plexora](https://github.com/Monkest…