Airbnb


10 total issues disclosed

$2,500 total paid publicly


Most disclosed (3 disclosures) — Information Disclosure

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
[airbnb.com] XSS via Cookie flash Cross-site Scripting (XSS) - Generic bobrov Medium 2018-04-04
[m.airbnb.com] CRLF Injection HTTP Response Splitting bobrov Low 2018-04-04
Call back number not verified Business Logic Errors al7311 No rating 2017-07-20
Nginx Version Disclosure Information Disclosure lulliii Medium 2017-03-23
████ discloses valid Airbnb SSO login names via Google Search Results Information Disclosure aesteral No rating 2016-10-09
authenticity_token is not random across page loads Cross-Site Request Forgery (CSRF) alokmenghrajani No rating 2015-08-13
I Can Delete Any Airbnb Users Symbol! Improper Authentication - Generic faisalahmed No rating 2015-07-04
SSL Issues Cryptographic Issues - Generic ruisilva No rating 2015-04-11
Vulnerability type xss uncovered in airbnb.es Cross-site Scripting (XSS) - Generic hykatza No rating 2015-04-08
Generating Unlimited Free Travel Gift Invites | IDOR Information Disclosure shamrocksu88 No rating 2015-04-04