Deriv.com Bug Bounty Program Statistics | BugBountyHunter.com

Deriv.com Program Statistics

12 total issues disclosed

$975 total paid publicly

Most disclosed (4 disclosures) — Cross-site Scripting (XSS) - Generic

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Leaking Referrer in Reset Password Link	Violation of Secure Design Principles	flex0geek	Low	2018-03-06
Cross site scripting	Cross-site Scripting (XSS) - Generic	an0n-j	No rating	2016-09-02
HTML injection via 'underlying' parameter	Cross-site Scripting (XSS) - Generic	roshanpty	No rating	2016-07-24
CJ vulnerability in subdomain	UI Redressing (Clickjacking)	0x0ameer	No rating	2016-06-09
XSS	Cross-site Scripting (XSS) - Generic	thalaivarsubu	No rating	2016-05-23
Full takeover of some binary.com sub domains	None supplied	koenrh	No rating	2016-02-05
Cookie bug	Improper Authentication - Generic	blinkms	No rating	2015-12-16
Email Verification Link can be Used as Password Reset Link!	Improper Authentication - Generic	karimrahal	No rating	2015-12-03
Http Response Splitting - Validate link	None supplied	gerben_javado	No rating	2015-11-15
login to any user's cashier account and full account information disclosure	Improper Authentication - Generic	zombiehelp54	No rating	2015-11-14
Cross Site Scripting	Cross-site Scripting (XSS) - Generic	paulos_	No rating	2015-11-13
User Enumeration : Due to rate limiting on registration	Information Disclosure	shailesh4594	No rating	2015-11-05