Stealing OAuth tokens of connected Microsoft accounts via open redirect in Harvest App October 21, 2023 ◦ 4 min ◦ Security #OAuth #Open Redirect #Harvest #HackerOne #Microsoft #Token Leak #Bug Bounty
Unrestricted access to any "connected pack" in docs in coda.io June 24, 2020 ◦ 1 min ◦ security #Broken Access Control #coda.io #HackerOne #bug bounty #trial feature #coda connected pack
Account Takeover on unverified emails in File Sync & Share in Acronis June 24, 2020 ◦ 1 min ◦ Security #account takeover #unverified emails #File Sync & Share #Acronis #HackerOne #bug bounty
Open Redirect in Flattr June 11, 2020 ◦ 1 min ◦ Security #open redirect #Flattr #bug bounty #HackerOne #bugbountytips