Lyst


6 total issues disclosed

$1,550 total paid publicly


Most disclosed (2 disclosures) — Violation of Secure Design Principles

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Subdomain takeover of storybook.lystit.com Privilege Escalation parzel High 2020-01-22
Bypassing one-time checkout router page (revealing payment information) Information Disclosure tolo7010 Low 2018-05-10
SSRF at iris.lystit.com Server-Side Request Forgery (SSRF) tripwire Low 2017-10-18
CSRF - Adding unlimited number of saved items via GET request Cross-Site Request Forgery (CSRF) inhibitor181 Medium 2017-09-28
Site configured improperly at subdomain of lyst.co.uk Violation of Secure Design Principles mr_edwards No rating 2017-03-29
Mixed Active content issue on https://www.lyst.com Violation of Secure Design Principles mrr3boot Low 2017-02-22