Most disclosed (1 disclosures) — Business Logic Errors

nikolat3sla has disclosed the most with 1 reports!

3 total issues disclosed

$0 total paid publicly

Launched on 2020-09-21

Accepts reports via HackerOne

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
one delegate can add another delegate and delete other delegates, exposing all confidential inbox messages Privilege Escalation mavericknerd High 2021-06-21
Two-factor authentication can be disabled when logged in without 2fa or password confirmation Business Logic Errors nikolat3sla Medium 2020-10-19
XXE Injection through SVG image upload leads to SSRF XML External Entities (XXE) swaysthinking None 2020-10-06