New Relic


190 total issues disclosed

$120,182 total paid publicly


Most disclosed (28 disclosures) — Privilege Escalation

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Reflected XSS in VPN Appliance Cross-site Scripting (XSS) - Reflected mr-hakhak Medium 2021-11-10
Account takeover by using abandoned email id of victim which has already been changed to new by victim himself on one.newrelic.com Improper Authentication - Generic ashmek Low 2021-07-02
Untrusted deserialization issue when loading newrelic.yml file in Java agent leads to code execution on host Deserialization of Untrusted Data j0v Low 2021-06-28
Account Takeover via Email ID Change and Forgot Password Functionality Improper Authentication - Generic dsdh High 2021-06-28
removed user can still join the organization Business Logic Errors moon_shadow Low 2021-05-10
Stored XSS via malicious key value of Synthetics monitor tag when visiting an Insights dashboard with filtering enabled Cross-site Scripting (XSS) - Stored jon_bottarini High 2021-04-20
"Basic user" which can only access a limited subset of the platform can access certain pages which are restricted to the user by the account owner. Improper Access Control - Generic jhimansh None 2020-09-22
[NR Synthetics] Restricted User can add/modify alert conditions on monitors without any synthetics privileges Privilege Escalation jon_bottarini Medium 2020-09-04
[NR Alerts/Synthetics] IDOR through /policies.json with Synthetics exposes full name of other NR users Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-09-04
GET request to accounts.json on support site leaks the root account license key and the browser license key to a restricted user Information Disclosure jon_bottarini Medium 2020-09-04
Ability to view monitor names of other NR accounts through internal API (v3) via "monitor_id" parameter Insecure Direct Object Reference (IDOR) jon_bottarini High 2020-09-04
[NR Insights] Data app permissions setting does not fully prevent other users from modifying/changing changing data related to your data app Privilege Escalation jon_bottarini Medium 2020-09-04
Upgrade menu exposes the mobile application token meant to only be visible to administrators Privilege Escalation jon_bottarini Low 2020-09-04
Permissions leaks the full name of other NR accounts - Regression of #267636 Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-09-04
Full name of other accounts exposed through NR API Explorer (another workaround of #476958) Privilege Escalation jon_bottarini Medium 2020-09-04
[NR Alerts/Synthetics?] User with no Synthetics permissions can view synthetic monitor details through /internal_api/ endpoint Privilege Escalation jon_bottarini Medium 2020-09-04
Logic flaw enables restricted account to access account license key Privilege Escalation jon_bottarini Medium 2020-09-04
IDOR via internal_api "users" endpoint Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-09-04
[NR Infrastructure] Restricted user can update integration provider account name via integrations API Privilege Escalation jon_bottarini Medium 2020-09-04
[NR Insights] IDOR - Modify the filter settings for any NR Insights dashboard through internal_api endpoint Insecure Direct Object Reference (IDOR) jon_bottarini High 2020-09-04
[NR Synthetics] (IDOR) Ability to see full name associated with other New Relic accounts through workaround of #255894 Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-09-04
[Synthetics/Infrastructure/everything] Individual account permissions are not properly managed and inherited on sub accounts Business Logic Errors jon_bottarini Medium 2020-09-04
User is able to access and create private synthetics locations without upgrading (regression of #276157) Client-Side Enforcement of Server-Side Security jon_bottarini Low 2020-09-04
Restricted user can bypass permissions restriction to create NR Alert policies Privilege Escalation jon_bottarini Medium 2020-09-04
[NR Alerts] Internal API exposes Synthetics monitor details to a restricted user without view monitor permissions Privilege Escalation jon_bottarini Medium 2020-09-04
[NR Synthetics] Restricted user can view synthetics monitors and user permissions through .json endpoint at /permissions/securablemetadata/{GROUP ID} Privilege Escalation jon_bottarini Medium 2020-08-26
Adding a new user discloses their full name in the "Users" section of NR Alerts notification channels page Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-08-26
[New Relic Infrastructure] Restricted User can still integrate with AWS via forced browsing (plus, a few other bugs) Privilege Escalation jon_bottarini Medium 2020-08-26
Internal API endpoint discloses full account name of email address associated with unconfirmed user Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2020-08-26
Stored XSS via "my recent queries" selector in NRQL dashboard builder Cross-site Scripting (XSS) - Stored jon_bottarini High 2020-08-24
NRQL Query allows restricted user to pull all data from Synthetics monitors without having read permissions enabled Privilege Escalation jon_bottarini Medium 2020-08-24
Restricted user can view all account invoices, payment method details, PII of account owner through zoura_api endpoints Privilege Escalation jon_bottarini Medium 2020-08-24
(Prerelease UI) Stored XSS via role name in JSON chart Cross-site Scripting (XSS) - Stored jon_bottarini High 2020-08-24
Passive stored XSS at Synthetics job result page (View resource) Cross-site Scripting (XSS) - Stored skavans Medium 2020-08-13
CSRF at adding new role (user-management.service.newrelic.com) Cross-Site Request Forgery (CSRF) skavans Medium 2020-08-13
User can run monitors at private locations, which he has no access to Insecure Direct Object Reference (IDOR) skavans High 2020-08-13
Stored XSS at APM apps labels autocomplete dropdown (apps listing) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Disclosure of locally served nerdpacks due to nr-local.net CORS policy misconfiguration Information Disclosure skavans Low 2020-08-13
Cross-account reading of Insights dashboards through GraphQL Insecure Direct Object Reference (IDOR) skavans Medium 2020-08-13
Restricted user can remove NerdStorage documents/collections scoped to ACCOUNT or ENTITY Improper Access Control - Generic skavans Medium 2020-08-13
Attacker can create new account inside any partnership with no approve from the Partnership owner Insecure Direct Object Reference (IDOR) skavans Medium 2020-08-13
Secure credentials values disclosure to regular users due to access control issue in monitor creating function Improper Access Control - Generic skavans Medium 2020-08-13
Stored XSS firing at transaction map (applicationName field) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS firing at the "Add chart to note" popup Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Cross-account stored XSS at notes (through "swf" note parameter) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS at APM applications listing Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored admin-to-owner XSS at infrastructure alerts runbook URL leading to account takeover by malicious admin Cross-site Scripting (XSS) - Stored skavans Medium 2020-08-13
One Click Remote Code Injection - *.blog.newrelic.com Code Injection arsene_lupin Medium 2020-08-13
Site-wide clickjacking at IE11 UI Redressing (Clickjacking) skavans Low 2020-08-13
Restricted user can manage the NerdGraph entities' tags Improper Access Control - Generic skavans Medium 2020-08-13
Restricted user can update Apdex target for applications by leveraging the GraphQL mutation Improper Access Control - Generic skavans Medium 2020-08-13
Stored XSS at APM key transactions list Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS at Synthetics private locations (planted through location label or description) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS at Mobile (Versions tab) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
CSTI fix (#587829) bypass leading to stored XSS at plugins again Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS Via NRQL chartbuilder JSON view Cross-site Scripting (XSS) - Stored jon_bottarini High 2020-08-13
Stored XSS firing if the error occurs when trying to delete the APM app Cross-site Scripting (XSS) - Stored skavans Medium 2020-08-13
CSRF at acknowledging an incident Cross-Site Request Forgery (CSRF) skavans Medium 2020-08-13
Restricted user can add and delete tags of APM key transactions Privilege Escalation jon_bottarini Medium 2020-08-13
Stored XSS at APM transaction map (transactionName field) Cross-site Scripting (XSS) - Stored skavans Medium 2020-08-13
Unsafe charts embedding implementation leads to cross-account stored XSS and SSRF Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
IDOR allows accounts to view full name of other accounts based on email through share notes feature Privilege Escalation jon_bottarini Medium 2020-08-13
Ability to buy PRO subscriptions by arbitrary reduced prices Business Logic Errors skavans Low 2020-08-13
Cross-account stored XSS at embedded charts Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Stored XSS in notes (charts) because of insecure chart data JSON generation Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
NR-wide cross account access through misconfigured CORS-policy of multiple endpoints Improper Access Control - Generic skavans High 2020-08-13
Ability to run monitors' jobs of other accounts and to read these jobs content (including the secure credentials values) Insecure Direct Object Reference (IDOR) skavans High 2020-08-13
CSTI at Plugin page leading to active stored XSS (Publisher name) Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Urgent! Stored XSS at plugin's violations leading to account takeover Cross-site Scripting (XSS) - Stored skavans High 2020-08-13
Bypass of #447975 - view mobile application token though "Application Information" sidebar on Installation page Privilege Escalation jon_bottarini Low 2020-08-13
[synthetics.newrelic.com] SMTP header injection leads to (mass) arbitrary email sending CRLF Injection ldionmarcil Medium 2020-07-15
Host Header Injection Open Redirect masterhackor Low 2020-01-27
Password theft login.newrelic.com via Request Smuggling HTTP Request Smuggling albinowax High 2019-08-30
Password theft login.newrelic.com via Request Smuggling HTTP Request Smuggling albinowax High 2019-08-30
Giving myself access to NR1 UI / one.newrelic.com without the proper feature flags on my account Client-Side Enforcement of Server-Side Security jon_bottarini Low 2019-06-17
Giving myself access to NR1 UI / one.newrelic.com without the proper feature flags on my account Client-Side Enforcement of Server-Side Security jon_bottarini Low 2019-06-17
WordPress username enumeration (/author) Information Disclosure rootbakar Medium 2018-10-19
[NR Insights] Pull any Insights/NRQL data from any NR account Insecure Direct Object Reference (IDOR) jon_bottarini High 2018-10-15
DNS misconfiguration on email.alerts.newrelic.com Business Logic Errors hackerone77-222 Medium 2018-09-17
Insecure Infrastructure Integrations YML Loading leads to Windows Privilege Escalation Privilege Escalation fbogner High 2018-08-29
User to Admin privilege escalation in Infrastructure Conditions - /v2/accounts/1835740/alerts/conditions Privilege Escalation michiel Medium 2018-08-17
stamp2-azure-ext.newrelic.com is vulnerable to MS12-020 Remote File Inclusion scrszy Critical 2018-07-25
Missing security best practices (leads to further impact) Violation of Secure Design Principles badcracker Medium 2018-07-25
Stored XSS in Brower `name` field reflected in two pages Cross-site Scripting (XSS) - Stored ldionmarcil High 2018-07-20
Captcha Bypass on SignUp Form Privacy Violation apapedulimu Low 2018-05-10
[NR Infrastructure] Bypass of #200576 through GraphQL query abuse - allows restricted user access to root account license key Privilege Escalation jon_bottarini Medium 2018-05-02
Manipulation of submit payment request allows me to obtain Infrastructure Pro/Other Services for free or at greatly reduced price Business Logic Errors jon_bottarini Medium 2018-05-02
Newrelic s3 bucket is writeable and deleteable by authorized AWS users Improper Authentication - Generic kunal_bahl No rating 2018-05-02
Broken Authentication and session management OWASP A2 Improper Authentication - Generic ho_nc No rating 2018-05-02
Hyperlink Injection on adding active users Open Redirect japz Medium 2018-05-02
XSS (Reflected) Cross-site Scripting (XSS) - Generic mr_sharma_ None 2018-05-02
NR Internal_API call allows me to read the events/violations/policies/messages of ANY New Relic account (AND pull data from infrastructure) Insecure Direct Object Reference (IDOR) jon_bottarini High 2018-05-02
Bypass of my three other reports #267636 + #255894 + #271861 - (IDOR) Ability to see full name associated with other New Relic accounts Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2018-05-01
Drupal admin takeover via install.php not being performed prior to install. Privilege Escalation grampae High 2018-04-23
Bypass of my two other reports #267636 + #255894 - (IDOR) Ability to see full name associated with other New Relic accounts Insecure Direct Object Reference (IDOR) jon_bottarini Medium 2017-12-07
Unvalidated redirect in alerts.newrelic.com/auth/newrelic?origin= Open Redirect everardo No rating 2017-11-10
SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability Cryptographic Issues - Generic guifre Low 2017-11-10
Sub domain issues. None supplied itsaj3 No rating 2017-11-10
Stored XSS on BillingCountry parameter Cross-site Scripting (XSS) - Generic tsug0d High 2017-11-10
A user with restricted privileges is able to view Phone Number + Billing Email of account owner Improper Authentication - Generic jon_bottarini Low 2017-10-16
Open redirection Open Redirect seifelsallamy Low 2017-10-14
Cross site scripting in a subdomain of newrelic.com Cross-site Scripting (XSS) - Generic asaxena2190 Medium 2017-10-12
Privilege Escalation in Default Notification Preferences Privilege Escalation r0x33d No rating 2017-10-12
Privilege Escalation in Share Report Privilege Escalation r0x33d No rating 2017-10-12
[docs-ra.newrelic.com] subdomain and Drupal takeover via unconfigured endpoint Privilege Escalation ysx Medium 2017-10-12
Restricted User is able to edit Alert Conditions of Synthetics Monitors even if Synthetics Permissions is enabled by an admin Improper Authentication - Generic jon_bottarini Low 2017-10-12
CSRF For Adding Users None supplied atestpk Medium 2017-10-12
newrelic.atlassian.net - jira information disclosure Improper Authentication - Generic fng Low 2017-10-12
/accounts/USERID.json file is left open for Restricted User of organization disclosing Owners's Mobile Number and "billing_info, cc_email" Information Disclosure sahilmk No rating 2017-10-12
Insecure transition from HTTP to HTTPS in form post Information Disclosure d0rkerdevil No rating 2017-10-12
Directory listing - i am able to download all php_agent archive Information Disclosure cj862530 No rating 2017-10-12
Sensitive information disclosure Information Disclosure kothari No rating 2017-10-12
Moniter Failed Sends too many emails None supplied lulliii No rating 2017-10-12
Internal Ports Scanning via Blind SSRF Information Disclosure tungpun No rating 2017-10-11
SSRF in alerts.newrelic.com exposes entire internal network Server-Side Request Forgery (SSRF) albinowax Critical 2017-08-22
Restricted User can view multiple account details including customer_root_account_id, payment method, date of first payment, etc. Improper Authentication - Generic jon_bottarini Low 2017-04-27
Open Redirect Open Redirect intricate No rating 2017-03-20
Session Hijacking Improper Authentication - Generic xia_ulhusnain No rating 2017-03-20
Cache purge requests are not authenticated None supplied nuc No rating 2017-03-20
XSS in a newrelic.com site Cross-site Scripting (XSS) - Generic sinkmanu No rating 2017-03-20
JIRA account misconfig causes internal info leak Information Disclosure kamil_hism No rating 2017-03-20
CSRF- delete all empty server policy Cross-Site Request Forgery (CSRF) amit29sept No rating 2017-03-20
CSRF - Delete all empty application policy Cross-Site Request Forgery (CSRF) amit29sept No rating 2017-03-20
https://rpm.newrelic.com/login vulnerable to host header attack Open Redirect geeknik No rating 2017-03-20
No Rate Limitation on Promo Code Memory Corruption - Generic daniyal_nasir No rating 2017-03-20
Reflected XSS on Signup Page Cross-site Scripting (XSS) - Generic itly No rating 2017-03-20
Unauthorized Access Improper Authentication - Generic apt No rating 2017-03-20
A Signup page does not properly validate the authenticity token at the server side. Cross-Site Request Forgery (CSRF) waqar_vicky No rating 2017-03-20
A Log in page does not properly validate the authenticity token at the server side Cross-Site Request Forgery (CSRF) waqar_vicky No rating 2017-03-20
Html injection in monitor name textbox Open Redirect zuh4n No rating 2017-02-22
[alerts.newrelic.com] Scanning local network via notification channel Privilege Escalation s_p_q_r No rating 2017-02-21
[download.newrelic.com] Access to private directories Privilege Escalation s_p_q_r No rating 2017-02-21
Mobile Authentication Endpoint Credentials Brute-Force Vulnerability Improper Authentication - Generic arneswinnen No rating 2017-02-19
Privilege Escalation In Moniter Privilege Escalation czd No rating 2017-02-19
Improper Session Management None supplied czd No rating 2017-02-19
open redirection at login Open Redirect seifelsallamy No rating 2017-02-18
Open redirection bypass . Open Redirect rohan_x3 No rating 2017-02-18
Potential sub-domain hijacking None supplied danielhartnell Low 2017-02-18
SSO Authentication Bypass Improper Authentication - Generic danielhartnell No rating 2017-02-18
Leaking license key in source code Information Disclosure pradeepch99 No rating 2017-02-18
Cache-Control Misconfiguration Leads to Sensitive Information Leakage Information Disclosure geekboy No rating 2017-02-18
APT repository is signed using weak digest (SHA-1) Cryptographic Issues - Generic reed Low 2017-02-18
CSRF vulnerability that allows an attacker to purge plugin metric data Cross-Site Request Forgery (CSRF) martijn No rating 2016-12-05
Stored Xss in rpm.newrelic.com Cross-site Scripting (XSS) - Generic hackerwahab No rating 2016-11-14
Emails and alert policies can be altered by malicious users. Improper Authentication - Generic hogarth45 No rating 2016-11-04
Host Header Injection / Cache Poisoning None supplied pavanw3b No rating 2016-11-04
Cookie Misconfiguration Improper Authentication - Generic cjlegacion No rating 2016-11-04
Open redirection Open Redirect seifelsallamy No rating 2016-11-03
Session Management Flaw Improper Authentication - Generic babayaga_ No rating 2016-10-08
HOST HEADER INJECTION in rpm.newrelic.com Open Redirect noob-boy No rating 2016-10-08
Password disclosure during signup process Information Disclosure foundstone-kunal No rating 2016-09-26
Sensitive information contained with New Relic APM iOS application Information Disclosure todayisnew No rating 2016-09-26
Unsafe HTML in reset password email and Account verification in email is missing in Sign up Open Redirect karthic No rating 2016-09-26
newrelic.com rails directory traversal vuln Code Injection droidsec No rating 2016-09-26
Login Open Redirect Open Redirect pewpew No rating 2016-09-19
Basic Authorization over HTTP Improper Authentication - Generic hassham No rating 2016-09-07
SSRF on synthetics.newrelic.com permitting access to sensitive data Information Disclosure ylujion No rating 2016-09-05
Blind SSRF on synthetics.newrelic.com Information Disclosure ylujion No rating 2016-09-05
Java RMI (Remote Code Execution) Code Injection leba No rating 2016-09-02
User enumeration possible from log-in timing difference None supplied cisplatin No rating 2016-08-27
CSV Injection in sub_accounts.csv Command Injection - Generic cisplatin No rating 2016-08-27
CSRF - Regenerate all admin api keys Cross-Site Request Forgery (CSRF) scorppy No rating 2016-08-27
Server Side Browsing - localhost open port enumeration Information Disclosure aiacobelli No rating 2016-08-27
No validation on account names Violation of Secure Design Principles ashish_r_padelkar No rating 2016-08-27
Missing rate limit on password Improper Authentication - Generic malcolmx No rating 2016-08-27
http://newrelic.com SSRF/XSPA None supplied grampae No rating 2016-08-27
Login CSRF vulnerability Cross-Site Request Forgery (CSRF) jackcyril No rating 2016-08-13
All Active user sessions should be destroyed when user change his password! Improper Authentication - Generic rahul_ch No rating 2016-08-13
Vulnerable Link Leaks the User Names Improper Authentication - Generic daniyal_nasir No rating 2016-08-06
All the active session should destroy when user change his password Improper Authentication - Generic smil3 No rating 2016-08-06
no email confirmation on signup None supplied rahul_ch No rating 2016-08-06
newrelic.com vulnerable to clickjacking ! None supplied rahul_ch No rating 2016-08-06
No CSRF validation on Account Monitors in Synthetics Block Cross-Site Request Forgery (CSRF) daniyal_nasir No rating 2016-07-13
Normal user can set "Job title" of other users by Direct Object Reference Privilege Escalation sarwarjahan No rating 2016-07-13
Potential Subdomain Takeover - http://storefront.newrelic.com/ Privilege Escalation charliehacks No rating 2016-06-20
Html injection in monitor name textbox Open Redirect karthic No rating 2016-06-20
Open redirection bypass Open Redirect shailesh4594 No rating 2016-06-13
rpm.newrelic.com - monitor creation to other accounts None supplied vikinghoarder No rating 2016-06-13
Session takeover None supplied thalaivar__subu No rating 2016-06-07
[login.newrelic.com] XSS via return_to Cross-site Scripting (XSS) - Generic s_p_q_r No rating 2016-05-23
Stored XSS through Angular Expression Sandbox Escape Cross-site Scripting (XSS) - Generic ryhanson No rating 2016-05-22
SUBDOMAIN TAKEOVER(FIXED) Violation of Secure Design Principles kiraak-boy No rating 2016-05-21
Open redirection on login Open Redirect shailesh4594 No rating 2016-05-21
https://rpm.newrelic.com/.htaccess file is world readable Information Disclosure geeknik No rating 2016-05-21
Clickjacking on authenticated pages which is inscope for New Relic Improper Authentication - Generic trabajoduro_2 No rating 2016-05-21
New Relic - Session Hijacking None supplied ahsan No rating 2016-05-13
Stored Cross-Site Scripting via Angular Template Injection Cross-site Scripting (XSS) - Generic fitzpr No rating 2016-05-09
Too many included lookups Memory Corruption - Generic trabajoduro_2 No rating 2016-05-03
Synthetics Xss Command Injection - Generic mg94 No rating 2016-04-25
Old CAPTCHA offers no protection None supplied cisplatin No rating 2016-04-08