bugbountytips

Research Posts (2)

• Jun 11, 2020

  Open Redirect in Flattr

  Reported a low impact Open Redirect to Flattr
• Jul 29, 2021

  CraftCMS Zero-day Chain: XSS to SSTI triggering RCE

  Reported CVE-2021-27902 (XSS) and CVE-2021-27903 (SSTI) that can be chained together to gain Remote Code Execution in CraftCMS.