Aspen Bug Bounty Program Statistics | BugBountyHunter.com

Aspen Program Statistics

9 total issues disclosed

$0 total paid publicly

Most disclosed (3 disclosures) — None supplied

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Session does't get expired after changing the password in https://readthedocs.org	None supplied	kalyani64	No rating	2017-11-16
Email Spoofing	Violation of Secure Design Principles	abartan	Low	2017-11-09
Information leakage on django.aspen.io	Information Disclosure	rey_7	No rating	2017-09-29
client_secret Token disclosure	None supplied	yumi	No rating	2017-09-28
No Rate Limit (Leads to huge email flooding/email bombing)	Improper Access Control - Generic	saikiran-10099	Medium	2017-09-28
Password reset token leak on third party website via Referer header	Violation of Secure Design Principles	akaash_pantherdefence	Medium	2017-09-27
Cross-origin resource sharing (CORS)	Improper Access Control - Generic	nn1	None	2017-09-27
Server Path Disclosure	None supplied	krazyhack3r	No rating	2017-09-27
aspen \| clickjacking	UI Redressing (Clickjacking)	punkit	Low	2017-09-27