Aspen Program Statistics

View program

9 total issues disclosed

$0 total paid publicly

Most disclosed (3 disclosures) — None supplied

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
Session does't get expired after changing the password in None supplied kalyani64 No rating 2017-11-16
Email Spoofing Violation of Secure Design Principles abartan Low 2017-11-09
Information leakage on Information Disclosure rey_7 No rating 2017-09-29
client_secret Token disclosure None supplied yumi No rating 2017-09-28
No Rate Limit (Leads to huge email flooding/email bombing) Improper Access Control - Generic saikiran-10099 Medium 2017-09-28
Password reset token leak on third party website via Referer header Violation of Secure Design Principles akaash_pantherdefence Medium 2017-09-27
Cross-origin resource sharing (CORS) Improper Access Control - Generic nn1 None 2017-09-27
Server Path Disclosure None supplied krazyhack3r No rating 2017-09-27
aspen | clickjacking UI Redressing (Clickjacking) punkit Low 2017-09-27