Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles Doppler Program Statistics
4 total issues disclosed
$250 total paid publicly
Most disclosed (1 disclosures) — Improper Access Control - Generic
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| WAF bypass and java script incomplete handling of Unicode characters might leads to dom-xss | Improper Access Control - Generic | clubbable | No rating | 2025-01-13 |
| Availability Impact from Exploiting Project Name Vulnerabilities | Business Logic Errors | mr_root_0101 | Low | 2024-11-13 |
| Acquisition on broken link listed on the page "https://docs.doppler.com/docs/removal-deprecated-packages-scripts in [scheduling a call] | Externally Controlled Reference to a Resource in Another Sphere | zig_shark | Low | 2024-05-22 |
| Github app(link) Takeover Listed on "https://docs.doppler.com/docs/github-actions" page | None supplied | w3shi | Low | 2024-03-15 |