Lemlist


8 total issues disclosed

$0 total paid publicly


Most disclosed (4 disclosures) — Cross-site Scripting (XSS) - Stored

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Stored XSS at [ https://app.lemlist.com/campaigns/cam_QRS5caF2ca7MJtiLS/leads ] in " LINKEDIN URL" Field. Cross-site Scripting (XSS) - Stored try__for_impossible Low 2020-07-24
CVE-2019-19935 - DOM based XSS in the froala editor Cross-site Scripting (XSS) - DOM chackal Low 2020-07-24
Stored XSS in app.lemlist.com Cross-site Scripting (XSS) - Stored solov9ev Low 2020-07-23
app.lemlist.com : Admin Panel Access Improper Access Control - Generic omarelfarsaoui None 2020-07-23
stored xss via Campaign Name. Cross-site Scripting (XSS) - Stored omarelfarsaoui Medium 2020-07-21
stored xss in app.lemlist.com Cross-site Scripting (XSS) - Stored omarelfarsaoui Medium 2020-07-21
SSRF in img.lemlist.com that leads to Localhost Port Scanning Server-Side Request Forgery (SSRF) arsene_lupin Medium 2020-05-28
Unrestricted File Upload on https://app.lemlist.com Unrestricted Upload of File with Dangerous Type ctulhu Critical 2020-04-01