Grammarly


16 total issues disclosed

$44,550 total paid publicly


Most disclosed (4 disclosures) — Information Disclosure




Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Bypassing the Grammarly plagiarism checker by simply replacing characters in the source text | Business Logic Errors | evilksandr | None | 2021-10-28 |
| Ability to DOS any organization's SSO and open up the door to account takeovers | Improper Authentication - Generic | cache-money | High | 2021-04-15 |
| Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state | Business Logic Errors | fransrosen | Medium | 2021-03-01 |
| Unauthenticated users can access all food.grammarly.io user's data | Improper Access Control - Generic | cript0nauta | Low | 2020-08-10 |
| Grammarly Keyboard for Android "Authorization Code with PKCE" flow implementation vulnerability that allows account takeover | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) | tomtenisse | Medium | 2020-07-24 |
| Account takeover through the combination of cookie manipulation and XSS | Cross-site Scripting (XSS) - Stored | k4r4koyun | High | 2019-12-03 |
| Permissive CORS policy trusting arbitrary extensions origin | Improper Access Control - Generic | foobar7 | Medium | 2019-11-06 |
| Lack of CSRF header validation at https://g-mail.grammarly.com/profile | Information Disclosure | orlserg | Medium | 2019-10-31 |
| Previously created sessions continue being valid after MFA activation | Improper Access Control - Generic | brdoors3 | Medium | 2019-08-19 |
| "email" MFA mode allows bypassing MFA from victim's device when the device trust is not expired | Improper Authentication - Generic | l1nkworld | Medium | 2019-08-12 |
| Handling of `tracking` command allows making arbitrary blind requests with user's cookies from Grammarly Extension's origin | None supplied | metnew | Critical | 2019-08-01 |
| `socket` command allows sending data over WebSockets to arbitrary origins from Grammarly Extension | None supplied | metnew | High | 2019-07-15 |
| Grammarly Keyboard for Android <4.1 leaks user input through logs (except for sensitive input fields) | Information Exposure Through Debug Information | lukasstefanko | Low | 2019-06-03 |
| Employee's GitHub Token Found In Travis CI Build Logs | Information Disclosure | karimpwnz | High | 2019-05-22 |
| Employee's GitHub Token Found In Travis CI Build Logs | Information Disclosure | karimpwnz | High | 2019-05-22 |
| Employee's GitHub Token Found In Travis CI Build Logs | Information Disclosure | karimpwnz | High | 2019-05-22 |