Zivver Program Statistics
4 total issues disclosed
$0 total paid publicly
Most disclosed (1 disclosure) — Business Logic Errors
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
Bypassing Rate limit for forgot password by using different ip addresses | Violation of Secure Design Principles | dhirenkumar8280 | Low | 2021-09-15 |
one delegate can add another delegate and delete other delegates, exposing all confidential inbox messages | Privilege Escalation | mavericknerd | High | 2021-06-21 |
Two-factor authentication can be disabled when logged in without 2fa or password confirmation | Business Logic Errors | nikolat3sla | Medium | 2020-10-19 |
XXE Injection through SVG image upload leads to SSRF | XML External Entities (XXE) | swaysthinking | None | 2020-10-06 |