Ping Identity Bug Bounty Program Statistics | BugBountyHunter.com

Ping Identity Program Statistics

7 total issues disclosed

$900 total paid publicly

Most disclosed (2 disclosures) — Violation of Secure Design Principles

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Broken Link on Ping Identity's Vulnerability Submission Form on Hackerone	Violation of Secure Design Principles	awararesearcher	Low	2021-06-16
Stored XSS in Application menu via Home Page Url	Cross-site Scripting (XSS) - Stored	renniepak	Medium	2020-11-16
Session misconfiguration on change password feature at https://apps-staging.pingone.com/myaccount/?environmentId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx#	Violation of Secure Design Principles	gujjuboy10x00	Low	2020-11-16
Forbidden access to https://apps-staging.pingone.com but "/packages.json" visible and full path disclosure	Improper Access Control - Generic	mjigar821	Low	2020-11-16
Session misconfiguration on forget password feature at https://ort-admin.pingone.com	Insufficient Session Expiration	gujjuboy10x00	Low	2020-11-16
Google Maps API key leaked during device pairing	Information Exposure Through Sent Data	bug_digger21	Medium	2020-04-29
Internal Hostname disclosure from multiple Apache servers via blank host header method	Information Disclosure	jackb898	Low	2020-03-12