Robinhood Program Statistics
2 total issues disclosed
$100 total paid publicly
Most disclosed (1 disclosure) — Cross-Site Request Forgery (CSRF)
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
httponly flag not set + csrftoken in url | Cross-Site Request Forgery (CSRF) | d0rkerdevil | None | 2017-04-17 |
Open Redirect located at https://www.robinhood.com/oauth2/authorize/? | Open Redirect | jon_bottarini | Low | 2017-04-13 |