Deriv.com Program Statistics



12 total issues disclosed

$975 total paid publicly

Most disclosed (4 disclosures) — Cross-site Scripting (XSS) - Generic



Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Leaking Referrer in Reset Password Link | Violation of Secure Design Principles | flex0geek | Low | 2018-03-06 |
| Cross site scripting | Cross-site Scripting (XSS) - Generic | an0n-j | No rating | 2016-09-02 |
| HTML injection via 'underlying' parameter | Cross-site Scripting (XSS) - Generic | roshanpty | No rating | 2016-07-24 |
| CJ vulnerability in subdomain | UI Redressing (Clickjacking) | 0x0ameer | No rating | 2016-06-09 |
| XSS | Cross-site Scripting (XSS) - Generic | thalaivarsubu | No rating | 2016-05-23 |
| Full takeover of some binary.com sub domains | None supplied | koenrh | No rating | 2016-02-05 |
| Cookie bug | Improper Authentication - Generic | blinkms | No rating | 2015-12-16 |
| Email Verification Link can be Used as Password Reset Link! | Improper Authentication - Generic | karimrahal | No rating | 2015-12-03 |
| Http Response Splitting - Validate link | None supplied | gerben_javado | No rating | 2015-11-15 |
| login to any user's cashier account and full account information disclosure | Improper Authentication - Generic | zombiehelp54 | No rating | 2015-11-14 |
| Cross Site Scripting | Cross-site Scripting (XSS) - Generic | paulos_ | No rating | 2015-11-13 |
| User Enumeration : Due to rate limiting on registration | Information Disclosure | shailesh4594 | No rating | 2015-11-05 |