Redtube Program Statistics
6 total issues disclosed
$15,500 total paid publicly
Most disclosed (3 disclosures) — Cross-site Scripting (XSS) - Stored
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
Deserialization of untrusted data at https://www.redtube.com/media/hls?s=data | Deserialization of Untrusted Data | kevsecurity | Critical | 2021-09-24 |
Blind XSS in redtube administering site my.reflected.net | Cross-site Scripting (XSS) - Stored | johndoe1492 | High | 2020-02-07 |
idor allows you to delete photos and album from a gallery | Insecure Direct Object Reference (IDOR) | black_b | Critical | 2019-05-03 |
Stored XSS on the https://www.redtube.com/users/[profile]/collections | Cross-site Scripting (XSS) - Stored | sp1d3rs | High | 2018-10-10 |
Stored XSS in galleries - https://www.redtube.com/gallery/[id] path | Cross-site Scripting (XSS) - Stored | sp1d3rs | High | 2018-10-10 |
CSRF Full Account Takeover - https://redtube.com/settings | Cross-Site Request Forgery (CSRF) | haythamnaamane | High | 2018-09-27 |