Lark Technologies Program Statistics


8 total issues disclosed

$17,050 total paid publicly

Most disclosed (4 disclosures) — Server-Side Request Forgery (SSRF)



Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Non privileged user is able to approve his own app himself leading to mass privilege escalations. | Privilege Escalation | imran_nisar | High | 2021-11-20 |
| Attacker is able to join any tenant on larksuite and view personal files/chats. | Privilege Escalation | imran_nisar | Critical | 2021-11-03 |
| [Lark Android] Vulnerability in exported activity WebView | Cross-site Scripting (XSS) - Generic | shell_c0de | Medium | 2021-07-22 |
| Improper Access Control on Lark Footer Feature | Improper Access Control - Generic | imran_nisar | High | 2021-05-18 |
| SSRF with information disclosure | Server-Side Request Forgery (SSRF) | jin0ne | Medium | 2021-04-27 |
| Server Side Request Forgery | Server-Side Request Forgery (SSRF) | jin0ne | Critical | 2021-03-29 |
| Server Side Request Forgery | Server-Side Request Forgery (SSRF) | jin0ne | Critical | 2021-03-29 |
| Stored XSS & SSRF in Lark Docs | Server-Side Request Forgery (SSRF) | mike12 | Critical | 2021-02-05 |