Robinhood


2 total issues disclosed

$100 total paid publicly


Most disclosed (1 disclosure) — Cross-Site Request Forgery (CSRF)




Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
| --- | --- | --- | --- | --- |
| httponly flag not set + csrftoken in url | Cross-Site Request Forgery (CSRF) | d0rkerdevil | None | 2017-04-17 |
| Open Redirect located at https://www.robinhood.com/oauth2/authorize/? | Open Redirect | jon_bottarini | Low | 2017-04-13 |