Grandpa

Just got a reward for a vulnerability submitted on @yeswehack -- Insecure Direct Object Reference (IDOR) (CWE-639). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- Improper Access Control - Generic (CWE-284). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- HTML Injection (CWE-79). yeswehack.com/hunters/grandpa #YesWeRHackers

@RitikShilp80441 @yeswehack That one was really quick, but it was actually an insecure design / IDOC issue. Triage decided to call it IDOR for some reason.

@_axwr @yeswehack nice find. how long did it take you to spot it?

Just got a reward for a vulnerability submitted on @yeswehack -- Insecure Direct Object Reference (IDOR) (CWE-639). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- Cross-Site Request Forgery (CSRF) (CWE-352). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a high vulnerability submitted on @yeswehack -- Server-Side Request Forgery (SSRF) (CWE-918). yeswehack.com/hunters/grandpa #YesWeRHackers

(n2) Just got a reward for a vulnerability submitted on @yeswehack -- HTML Injection (CWE-79). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- HTML Injection (CWE-79). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- Violation of Secure Design Principles (CWE-657). yeswehack.com/hunters/grandpa #YesWeRHackers

Just got a reward for a vulnerability submitted on @yeswehack -- Cross-site Scripting (XSS) - Reflected (CWE-79). yeswehack.com/hunters/grandpa #YesWeRHackers