PortSwigger Web Security


18 total issues disclosed

$7,050 total paid publicly


Most disclosed (4 disclosures) — Man-in-the-Middle

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Information disclosure on error message Information Exposure Through an Error Message cometome780 Low 2021-11-15
RCE in 'Copy as Node Request' BApp via code injection Code Injection ryotak None 2021-04-22
HTML Injection in Swing can disclose netNTLM hash or cause DoS Information Disclosure issuefinder Medium 2021-03-29
SMTP interaction theft via MITM Cryptographic Issues - Generic duesee Medium 2020-11-04
Build fetches jars over HTTP Man-in-the-Middle jlleitschuh Medium 2019-06-10
Build fetches jars over HTTP Man-in-the-Middle jlleitschuh Medium 2019-06-10
Build fetches jars over HTTP Man-in-the-Middle jlleitschuh Medium 2019-06-10
Browser Self XSS Protection not implemented Information Disclosure allenaleen No rating 2018-09-26
Activat burp suite pro with the old license after transfared to anothe account Business Logic Errors egyptghost1 None 2018-07-19
burp does not validate the common name of the presented collaborator server certificate Man-in-the-Middle morisson Medium 2018-06-13
Leak of Platform Authentication credentials via Repeater Information Disclosure jupenur Low 2018-06-13
Improper Certificate Validation Improper Certificate Validation da3mon Low 2018-01-02
Misconfiguration: Missing Custom Error Page (CWE-12 & CWE-756) None supplied tarwadahorse No rating 2017-05-16
Email Spoofing Violation of Secure Design Principles dhamu007 Low 2017-02-14
HTTP OPTION Method is Enabled on portswigger.net Violation of Secure Design Principles wragg-s Low 2016-12-27
JSBeautifier BApp: Race condition leads to memory disclosure Memory Corruption - Generic jelmer High 2016-12-07
Order-phishing via Payment ID URL Cross-Site Request Forgery (CSRF) sp1d3rs Low 2016-11-30
XSS in IE11 on portswigger.net via Flash Cross-site Scripting (XSS) - Generic opnsec No rating 2016-11-30