Evernote Program Statistics

View program

7 total issues disclosed

$5,450 total paid publicly

Most disclosed (2 disclosures) — None supplied

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
[34.96.80.155] Server Logs Disclosure lead to Information Leakage Privilege Escalation huntinex Low 2021-12-09
Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion Server-Side Request Forgery (SSRF) neolexsecurity Critical 2021-12-06
CSRF leads to account deactivation of users None supplied sampritdas Medium 2021-10-19
Non-production Open Database In Combination With XXE Leads To SSRF XML External Entities (XXE) kaulse Critical 2020-10-27
One Click Code Execution via File Execution with Unnecessary Privileges ajdumanhug High 2020-03-24
One Click Code Execution via File Execution with Unnecessary Privileges ajdumanhug High 2020-03-24
Wormable stored XSS in www.evernote.com None supplied jobert High 2018-08-21