GoCD Bug Bounty Program Statistics | BugBountyHunter.com

You are viewing our old website

We are busy working on a brand new website and platform. All of the content on this website is considered out-dated, however challenges and our members section are working as before. Stay tuned for updates!

GoCD Program Statistics

9 total issues disclosed

$0 total paid publicly

Most disclosed (2 disclosures) — Information Disclosure

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Information Disclosure via Logback Configuration Injection in GoCD Agent	Information Disclosure	aigirl	None	2026-02-04
XSS in GOCD Analytics Plugin	Cross-site Scripting (XSS) - DOM	aviv_keller	Medium	2024-03-27
XSS in new.loading.page.html	Cross-site Scripting (XSS) - Reflected	aviv_keller	Low	2024-03-17
Open S3 Bucket Accessible by any Aws User	Improper Access Control - Generic	x_sh4dow	None	2022-07-31
XSS In https://docs.gocd.org/current/	Cross-site Scripting (XSS) - Generic	asusrog	Critical	2020-11-13
Spring security configuration allows agent sessions to be hijacked	Improper Authentication - Generic	4cad	High	2018-07-31
Reflected XSS vector	Cross-site Scripting (XSS) - Generic	creased	Medium	2017-02-22
Directory Listening	Information Disclosure	kiraak-boy	No rating	2016-09-14
X-Content-Type-Options header missing at Auth Login	Violation of Secure Design Principles	kiraak-boy	No rating	2016-08-18