Redtube


6 total issues disclosed

$15,500 total paid publicly


Most disclosed (3 disclosures) — Cross-site Scripting (XSS) - Stored

View disclosed reports



Disclosed Reports


Report Title Vulnerability Type Disclosed By Severity Disclosed on
Deserialization of untrusted data at https://www.redtube.com/media/hls?s=data Deserialization of Untrusted Data kevsecurity Critical 2021-09-24
Blind XSS in redtube administering site my.reflected.net Cross-site Scripting (XSS) - Stored johndoe1492 High 2020-02-07
idor allows you to delete photos and album from a gallery Insecure Direct Object Reference (IDOR) black_b Critical 2019-05-03
Stored XSS on the https://www.redtube.com/users/[profile]/collections Cross-site Scripting (XSS) - Stored sp1d3rs High 2018-10-10
Stored XSS in galleries - https://www.redtube.com/gallery/[id] path Cross-site Scripting (XSS) - Stored sp1d3rs High 2018-10-10
CSRF Full Account Takeover - https://redtube.com/settings Cross-Site Request Forgery (CSRF) haythamnaamane High 2018-09-27