Vend by Lightspeed Program Statistics
2 total issues disclosed
$0 total paid publicly
Most disclosed (1 disclosures) — Insecure Direct Object Reference (IDOR)
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
Race Condition : Exploiting the loyalty claim https://xxx.vendhq.com/loyalty/claim/email/xxxxx url and gain x amount of loyalty bonus/cash | Violation of Secure Design Principles | stok | Medium | 2018-06-07 |
Improper access control on adding a Register to an Outlet | Insecure Direct Object Reference (IDOR) | al88nsk | Medium | 2018-05-02 |