The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for &qu ...
Continue Reading
January 28, 2025
The HackerOne email change process was found to have a vulnerability where the system automatically verifies the email address if the verification link is opened in any browser, even by email scanning ...
Continue Reading
January 28, 2025
A security vulnerability was identified in the API of ████████. The endpoint ████████ was found to return sensitive user information, including hashed passwords, in its ...
Continue Reading
January 28, 2025
The identified page allowed unauthorized access to a user's profile management functionality without requiring authentication. Sensitive user details, such as name, email address, and EDIPI, were ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
Exposed Logs and Bearer Tokens on Test Endpoint were reported to IBM, analyzed, and have been...Read More ...
Continue Reading
January 28, 2025
Vulnerability description not...Read More ...
Continue Reading
January 28, 2025
Back to Main
