
Untitled

a guest
Dec 8th, 2018
  1. [
  2. {
  3. u'swag':False,
  4. u'voters':[
  5. u'sameerphad72'
  6. ],
  7. u'substate':u'not-applicable',
  8. u'title':u'Global defaming of any twitter user',
  9. u'url':u'/reports/434689',
  10. u'latest_disclosable_activity_at': u'2018-12-06T23:43:48.689 Z',
  11. u'reporter':{
  12. u'username':u'csanuragjain',
  13. u'url':u'/csanuragjain',
  14. u'id':58139
  15. },
  16. u'latest_disclosable_action':u'disclosed',
  17. u'severity_rating':u'critical',
  18. u'bounty_disclosed':True,
  19. u'vote_count':1,
  20. u'team':{
  21. u'url':u'/twitter',
  22. u'profile':{
  23. u'name':u'Twitter'
  24. },
  25. u'handle':u'twitter',
  26. u'profile_picture_urls':{
  27. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/061/4acfe72859c5e9cb48a152edb4e498e13fa28df2_small.?1439954730',
  28. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/061/e78ef26a3191adcabe7311daa107bd9e152d3b5c_medium.?1439954730'
  29. }
  30. },
  31. u'requires_view_privilege':False,
  32. u'id':434689,
  33. u'readable_substate':u'N/A'
  34. },
  35. {
  36. u'swag':False,
  37. u'voters':[
  38. u'sp1d3rs',
  39. u's_p_q_r',
  40. u'ak1t4',
  41. u'mygf',
  42. u'mobius07',
  43. u'null-byte',
  44. u'japz',
  45. u'zhaker0ne-bbh',
  46. u'mrr3boot',
  47. u'cryptographer',
  48. u'and 1 more...'
  49. ],
  50. u'substate':u'resolved',
  51. u'reporter':{
  52. u'username':u'vijay_kumar1110',
  53. u'url':u'/vijay_kumar1110',
  54. u'id':16230
  55. },
  56. u'url':u'/reports/154405',
  57. u'latest_disclosable_activity_at': u'2018-12-06T15:04:05.411 Z',
  58. u'title':u'Read access to hidden orders, products, customers etc. by limited access Staff member through reference page in Comments (Information disclosure )',
  61. u'total_awarded_bounty_amount':u'500.00',
  62. u'latest_disclosable_action':u'disclosed',
  63. u'bounty_disclosed':True,
  64. u'vote_count':11,
  65. u'team':{
  66. u'url':u'/shopify',
  67. u'profile':{
  68. u'name':u'Shopify'
  69. },
  70. u'handle':u'shopify',
  71. u'profile_picture_urls':{
  72. u'small': u'https://profile-photos.hackerone-user-content.com/000/001/382/1e9872bf9cfe04008c2673e07bfecaa83858cca1_small.jpg?1532728703',
  73. u'medium': u'https://profile-photos.hackerone-user-content.com/000/001/382/30421c25f4a7b03ec3250e36efb64f7291402806_medium.jpg?1532728703'
  74. }
  75. },
  76. u'requires_view_privilege':False,
  77. u'id':154405,
  78. u'formatted_bounty':u'$500',
  79. u'readable_substate':u'Resolved'
  80. },
  81. {
  82. u'swag':False,
  83. u'voters':[
  84. u'emitrani',
  85. u'eveeez',
  86. u'lincoln9932',
  87. u'pisarenko',
  88. u'babayaga_',
  89. u'mygf',
  90. u'cryptographer',
  91. u'sameerphad72',
  92. u'pkemni',
  93. u'o2204922'
  94. ],
  95. u'substate':u'resolved',
  96. u'title':u'reflected XSS avito.ru',
  97. u'url':u'/reports/344429',
  98. u'latest_disclosable_activity_at': u'2018-12-06T09:45:27.803 Z',
  99. u'reporter':{
  100. u'username':u'lincoln9932',
  101. u'url':u'/lincoln9932',
  102. u'id':49373
  103. },
  104. u'latest_disclosable_action':u'disclosed',
  105. u'severity_rating':u'medium',
  106. u'bounty_disclosed':True,
  107. u'vote_count':10,
  108. u'team':{
  109. u'url':u'/avito',
  110. u'profile':{
  111. u'name':u'Avito'
  112. },
  113. u'handle':u'avito',
  114. u'profile_picture_urls':{
  115. u'small': u'https://profile-photos.hackerone-user-content.com/000/016/112/d0c32255a937980f8f8d03d56115ffeae2c731b5_small.?1478019451',
  116. u'medium': u'https://profile-photos.hackerone-user-content.com/000/016/112/80fe1136be7f39fdc571d088a583366d475f33cb_medium.?1478019451'
  117. }
  118. },
  119. u'requires_view_privilege':False,
  120. u'id':344429,
  121. u'readable_substate':u'Resolved'
  122. },
  123. {
  124. u'swag':False,
  125. u'voters':[
  126. u'muon4',
  127. u'eveeez',
  128. u'0xhelloworld',
  129. u'an0nym0us',
  130. u'ak1t4',
  131. u'th3plumb3r',
  132. u'babayaga_',
  133. u'mygf',
  134. u'c1231665',
  135. u'ankitsingh',
  136. u'and 25 more...'
  137. ],
  138. u'substate':u'resolved',
  139. u'title': u'Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account',
  140. u'url':u'/reports/423022',
  141. u'latest_disclosable_activity_at': u'2018-12-06T02:35:56.704 Z',
  142. u'reporter':{
  143. u'username':u'avinash_',
  144. u'url':u'/avinash_',
  145. u'id':173906
  146. },
  147. u'total_awarded_bounty_amount':u'512.00',
  148. u'latest_disclosable_action':u'disclosed',
  149. u'severity_rating':u'high',
  150. u'bounty_disclosed':True,
  151. u'vote_count':35,
  152. u'team':{
  153. u'url':u'/discourse',
  154. u'profile':{
  155. u'name':u'Discourse'
  156. },
  157. u'handle':u'discourse',
  158. u'profile_picture_urls':{
  159. u'small': u'https://profile-photos.hackerone-user-content.com/000/016/893/3dd37e1cfa3d9380ced573b87beae0c950703ddd_small.?1481849067',
  160. u'medium': u'https://profile-photos.hackerone-user-content.com/000/016/893/2ee366d05b47833a98f06c29cd5318d1bb134e20_medium.?1481849067'
  161. }
  162. },
  163. u'requires_view_privilege':False,
  164. u'id':423022,
  165. u'formatted_bounty':u'$512',
  166. u'readable_substate':u'Resolved'
  167. },
  168. {
  169. u'swag':False,
  170. u'voters':[
  171. u'bjeanes',
  172. u'bl4de',
  173. u'0x9090',
  174. u'eveeez',
  175. u'an0nym0us',
  176. u'th3plumb3r',
  177. u'babayaga_',
  178. u'mygf',
  179. u'craxerbikash',
  180. u'cryptographer',
  181. u'and 2 more...'
  182. ],
  183. u'substate':u'resolved',
  184. u'title':u'Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS',
  185. u'url':u'/reports/431561',
  186. u'latest_disclosable_activity_at': u'2018-12-05T21:46:17.298 Z',
  187. u'reporter':{
  188. u'username':u'bjeanes',
  189. u'url':u'/bjeanes',
  190. u'id':390819
  191. },
  192. u'total_awarded_bounty_amount':u'1500.00',
  193. u'latest_disclosable_action':u'disclosed',
  194. u'severity_rating':u'medium',
  195. u'bounty_disclosed':True,
  196. u'vote_count':12,
  197. u'team':{
  198. u'url':u'/rails',
  199. u'profile':{
  200. u'name':u'Ruby on Rails'
  201. },
  202. u'handle':u'rails',
  203. u'profile_picture_urls':{
  204. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/022/2883e997d5f9ddf2f1c31365d74abe52fc54c9c9_small.png?1383736680',
  205. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/022/1b2dab688cae8b769493f39137f09274a6b5f156_medium.png?1383736680'
  206. }
  207. },
  208. u'requires_view_privilege':False,
  209. u'id':431561,
  210. u'formatted_bounty':u'$1,500',
  211. u'readable_substate':u'Resolved'
  212. },
  213. {
  214. u'swag':False,
  215. u'voters':[
  216. u'eveeez',
  217. u'th3plumb3r',
  218. u'babayaga_',
  219. u'mygf',
  220. u'craxerbikash',
  221. u'japz',
  222. u'asad_anwar',
  223. u'cryptographer',
  224. u'sameerphad72',
  225. u'sveh'
  226. ],
  227. u'substate':u'resolved',
  228. u'title':u'Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter',
  229. u'url':u'/reports/335735',
  230. u'latest_disclosable_activity_at': u'2018-12-05T08:07:56.874 Z',
  231. u'reporter':{
  232. u'username':u'chihuahua',
  233. u'url':u'/chihuahua',
  234. u'id':238742
  235. },
  236. u'total_awarded_bounty_amount':u'250.00',
  237. u'latest_disclosable_action':u'disclosed',
  238. u'severity_rating':u'high',
  239. u'bounty_disclosed':True,
  240. u'vote_count':10,
  241. u'team':{
  242. u'url':u'/localtapiola',
  243. u'profile':{
  244. u'name':u'LocalTapiola'
  245. },
  246. u'handle':u'localtapiola',
  247. u'profile_picture_urls':{
  248. u'small': u'https://profile-photos.hackerone-user-content.com/000/008/416/23d72f4d3433458578a2ce1b4cc7574a935e2316_small.png?1457688936',
  249. u'medium': u'https://profile-photos.hackerone-user-content.com/000/008/416/b913929e71e6e373cc437dbd4c96b7df758fdbe6_medium.png?1457688936'
  250. }
  251. },
  252. u'requires_view_privilege':False,
  253. u'id':335735,
  254. u'formatted_bounty':u'$250',
  255. u'readable_substate':u'Resolved'
  256. },
  257. {
  258. u'swag':False,
  259. u'voters':[
  260. u'bl4de',
  261. u'spam404',
  262. u'hunter',
  263. u'balis0ng',
  264. u's_p_q_r',
  265. u'mik317',
  266. u'0xc0ffee',
  267. u'flashdisk',
  268. u'theappsec',
  269. u'asad0x01_',
  270. u'and 50 more...'
  271. ],
  272. u'substate':u'resolved',
  273. u'title':u'A user can bypass approval step in Hacker Publishing feature, allowing them to publish reports immediately',
  275. u'url':u'/reports/452959',
  276. u'latest_disclosable_activity_at': u'2018-12-05T04:55:40.413 Z',
  277. u'reporter':{
  278. u'username':u'haxta4ok00',
  279. u'url':u'/haxta4ok00',
  280. u'id':49175
  281. },
  282. u'total_awarded_bounty_amount':u'2500.00',
  283. u'latest_disclosable_action':u'disclosed',
  284. u'severity_rating':u'medium',
  285. u'bounty_disclosed':True,
  286. u'vote_count':60,
  287. u'team':{
  288. u'url':u'/security',
  289. u'profile':{
  290. u'name':u'HackerOne'
  291. },
  292. u'handle':u'security',
  293. u'profile_picture_urls':{
  294. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/013/68fea1fe00dc833f4109e015738af4b374727e56_small.png?1445331713',
  295. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/013/28af2ada2cc00aa9427504fc5a14f587362df84b_medium.png?1445331713'
  296. }
  297. },
  298. u'requires_view_privilege':False,
  299. u'id':452959,
  300. u'formatted_bounty':u'$2,500',
  301. u'readable_substate':u'Resolved'
  302. },
  303. {
  304. u'swag':False,
  305. u'voters':[
  306. u'eveeez',
  307. u'13ern',
  308. u'babayaga_',
  309. u'mygf',
  310. u'spetr0x',
  311. u'cryptographer',
  312. u'sameerphad72'
  313. ],
  314. u'substate':u'resolved',
  315. u'title':u'Imperfect CSRF To Overwrite Server Config at /go/admin/restful/configuration/file/POST/xml',
  316. u'url':u'/reports/240048',
  317. u'latest_disclosable_activity_at': u'2018-12-05T04:13:54.294 Z',
  318. u'reporter':{
  319. u'username':u'4cad',
  320. u'url':u'/4cad',
  321. u'id':164214
  322. },
  323. u'latest_disclosable_action':u'disclosed',
  324. u'severity_rating':u'medium',
  325. u'bounty_disclosed':True,
  326. u'vote_count':7,
  327. u'team':{
  328. u'url':u'/gocd',
  329. u'profile':{
  330. u'name':u'GoCD'
  331. },
  332. u'handle':u'gocd',
  333. u'profile_picture_urls':{
  334. u'small': u'https://profile-photos.hackerone-user-content.com/000/013/559/70fd3c380ff6241bc4c49df2e6817993fca4657f_small.?1465311808',
  335. u'medium': u'https://profile-photos.hackerone-user-content.com/000/013/559/2eefa9b4223a595138a3617a4cba1082b6eb062d_medium.?1465311808'
  336. }
  337. },
  338. u'requires_view_privilege':False,
  339. u'id':240048,
  340. u'readable_substate':u'Resolved'
  341. },
  342. {
  343. u'swag':False,
  344. u'voters':[
  345. u'an0nym0us',
  346. u'th3plumb3r',
  347. u'babayaga_',
  348. u'mygf',
  349. u'hariharan21',
  350. u'whitesector',
  351. u'craxerbikash',
  352. u'japz',
  353. u'spetr0x',
  354. u'cryptographer',
  355. u'and 6 more...'
  356. ],
  357. u'substate':u'resolved',
  358. u'title':u'Admin Macro Description Stored XSS',
  359. u'url':u'/reports/392457',
  360. u'latest_disclosable_activity_at': u'2018-12-05T00:10:17.368 Z',
  361. u'reporter':{
  362. u'username':u'hariharan21',
  363. u'url':u'/hariharan21',
  364. u'id':315451
  365. },
  366. u'total_awarded_bounty_amount':u'250.00',
  367. u'latest_disclosable_action':u'disclosed',
  368. u'severity_rating':u'medium',
  369. u'bounty_disclosed':True,
  370. u'vote_count':16,
  371. u'team':{
  372. u'url':u'/zendesk',
  373. u'profile':{
  374. u'name':u'Zendesk'
  375. },
  376. u'handle':u'zendesk',
  377. u'profile_picture_urls':{
  378. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/205/ff98ae0255b89059063ba495dd9f3ae4dad0ece1_small.jpg?1502908905',
  379. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/205/255d1c4e6dfc0b46260481d8f9899e925eb6d879_medium.jpg?1502908905'
  380. }
  381. },
  382. u'requires_view_privilege':False,
  383. u'id':392457,
  384. u'formatted_bounty':u'$250',
  385. u'readable_substate':u'Resolved'
  386. },
  387. {
  388. u'swag':False,
  389. u'voters':[
  390. u'eveeez',
  391. u'an0nym0us',
  392. u'axolotl',
  393. u'haxta4ok00',
  394. u'babayaga_',
  395. u'mygf',
  396. u'cyberunit',
  397. u'japz',
  398. u'securityteacher',
  399. u'smit',
  400. u'and 8 more...'
  401. ],
  402. u'substate':u'resolved',
  403. u'title':u'Notifications sent due to "Transfer report" functionality may be sent to users who are no longer authorized to see the report',
  404. u'url':u'/reports/442843',
  405. u'latest_disclosable_activity_at': u'2018-12-04T19:51:45.336 Z',
  406. u'reporter':{
  407. u'username':u'npbhatter17',
  408. u'url':u'/npbhatter17',
  409. u'id':154530
  410. },
  411. u'total_awarded_bounty_amount':u'500.00',
  412. u'latest_disclosable_action':u'disclosed',
  413. u'severity_rating':u'low',
  414. u'bounty_disclosed':True,
  415. u'vote_count':18,
  416. u'team':{
  417. u'url':u'/security',
  418. u'profile':{
  419. u'name':u'HackerOne'
  420. },
  421. u'handle':u'security',
  422. u'profile_picture_urls':{
  423. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/013/68fea1fe00dc833f4109e015738af4b374727e56_small.png?1445331713',
  424. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/013/28af2ada2cc00aa9427504fc5a14f587362df84b_medium.png?1445331713'
  425. }
  426. },
  427. u'requires_view_privilege':False,
  428. u'id':442843,
  429. u'formatted_bounty':u'$500',
  430. u'readable_substate':u'Resolved'
  431. },
  432. {
  433. u'swag':False,
  434. u'voters':[
  435. u'bl4de',
  436. u'kapytein',
  437. u'babayaga_',
  438. u'mygf',
  439. u'cyberunit',
  440. u'japz',
  441. u'cryptographer',
  442. u'sameerphad72',
  443. u'jeiie',
  444. u'1killerqueen',
  445. u'and 2 more...'
  446. ],
  447. u'substate':u'resolved',
  448. u'title':u'Stored XSS in merge request pages',
  449. u'url':u'/reports/409380',
  450. u'latest_disclosable_activity_at': u'2018-12-03T22:15:49.251 Z',
  451. u'reporter':{
  452. u'username':u'8ayac',
  453. u'url':u'/8ayac',
  454. u'id':266369
  455. },
  456. u'latest_disclosable_action':u'disclosed',
  457. u'severity_rating':u'high',
  458. u'bounty_disclosed':True,
  459. u'vote_count':12,
  460. u'team':{
  461. u'url':u'/gitlab',
  462. u'profile':{
  463. u'name':u'GitLab'
  464. },
  465. u'handle':u'gitlab',
  466. u'profile_picture_urls':{
  467. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/264/338ec4b43393873324e3f1911f2f107d025d13f1_small.png?1454722206',
  468. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/264/f40e550269de1c8aef9adbdfe728c9aa8163a7e5_medium.png?1454722206'
  469. }
  470. },
  471. u'requires_view_privilege':False,
  472. u'id':409380,
  473. u'readable_substate':u'Resolved'
  474. },
  475. {
  476. u'swag':False,
  477. u'voters':[
  478. u'bl4de',
  479. u'kapytein',
  480. u'geeknik',
  481. u'tulswani',
  482. u'babayaga_',
  483. u'mygf',
  484. u'kiraak-boy',
  485. u'cyberunit',
  486. u'cryptographer',
  487. u'sameerphad72',
  488. u'and 6 more...'
  489. ],
  490. u'substate':u'resolved',
  491. u'title':u'Unauthorized users may be able to view almost all informations related to Private projects.',
  492. u'url':u'/reports/407763',
  493. u'latest_disclosable_activity_at': u'2018-12-03T22:15:29.758 Z',
  494. u'reporter':{
  495. u'username':u'8ayac',
  496. u'url':u'/8ayac',
  497. u'id':266369
  498. },
  499. u'latest_disclosable_action':u'disclosed',
  500. u'severity_rating':u'medium',
  501. u'bounty_disclosed':True,
  502. u'vote_count':16,
  503. u'team':{
  504. u'url':u'/gitlab',
  505. u'profile':{
  506. u'name':u'GitLab'
  507. },
  508. u'handle':u'gitlab',
  509. u'profile_picture_urls':{
  510. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/264/338ec4b43393873324e3f1911f2f107d025d13f1_small.png?1454722206',
  511. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/264/f40e550269de1c8aef9adbdfe728c9aa8163a7e5_medium.png?1454722206'
  512. }
  513. },
  514. u'requires_view_privilege':False,
  515. u'id':407763,
  516. u'readable_substate':u'Resolved'
  517. },
  518. {
  519. u'swag':False,
  520. u'voters':[
  521. u'spam404',
  522. u'theappsec',
  523. u'geeknik',
  524. u'an0nym0us',
  525. u'appsecure_in',
  526. u'th3plumb3r',
  527. u'hecsv17',
  528. u'tulswani',
  529. u'babayaga_',
  530. u'mygf',
  531. u'and 42 more...'
  532. ],
  533. u'substate':u'resolved',
  534. u'reporter':{
  535. u'username':u'sandeep_hodkasia',
  536. u'url':u'/sandeep_hodkasia',
  537. u'id':139321
  538. },
  539. u'url':u'/reports/419731',
  540. u'latest_disclosable_activity_at': u'2018-12-03T07:02:09.557 Z',
  541. u'title':u'[www.zomato.com] Blind XSS in one of the Admin Dashboard',
  544. u'total_awarded_bounty_amount':u'500.00',
  545. u'latest_disclosable_action':u'disclosed',
  546. u'bounty_disclosed':True,
  547. u'vote_count':52,
  548. u'team':{
  549. u'url':u'/zomato',
  550. u'profile':{
  551. u'name':u'Zomato'
  552. },
  553. u'handle':u'zomato',
  554. u'profile_picture_urls':{
  555. u'small': u'https://profile-photos.hackerone-user-content.com/000/002/943/7b54bc7a4a265c47ec0d946a6abf079078b82401_small.png?1526447675',
  556. u'medium': u'https://profile-photos.hackerone-user-content.com/000/002/943/dbb71f3e2a0e73fe819c0c2a3e4fbcdd24d138e9_medium.png?1526447675'
  557. }
  558. },
  559. u'requires_view_privilege':False,
  560. u'id':419731,
  561. u'formatted_bounty':u'$500',
  562. u'readable_substate':u'Resolved'
  563. },
  564. {
  565. u'swag':False,
  566. u'voters':[
  567. u'd0nut',
  568. u'michiel',
  569. u'kapytein',
  570. u'003random',
  571. u'mik317',
  572. u'0xc0ffee',
  573. u'karel_origin',
  574. u'asad0x01_',
  575. u'babayaga_',
  576. u'mygf',
  577. u'and 8 more...'
  578. ],
  579. u'substate':u'resolved',
  580. u'title':u'Import of repositories from GitHub is tied to username instead of immutable ID',
  581. u'url':u'/reports/452920',
  582. u'latest_disclosable_activity_at': u'2018-12-02T16:42:41.442 Z',
  583. u'reporter':{
  584. u'username':u'emitrani',
  585. u'url':u'/emitrani',
  586. u'id':206181
  587. },
  588. u'latest_disclosable_action':u'disclosed',
  589. u'severity_rating':u'low',
  590. u'bounty_disclosed':True,
  591. u'vote_count':18,
  592. u'team':{
  593. u'url':u'/liberapay',
  594. u'profile':{
  595. u'name':u'Liberapay'
  596. },
  597. u'handle':u'liberapay',
  598. u'profile_picture_urls':{
  599. u'small': u'https://profile-photos.hackerone-user-content.com/000/028/411/0782331e0ae0dfac7617ae2c5cc5f275a4a84ebe_small.?1524732576',
  600. u'medium': u'https://profile-photos.hackerone-user-content.com/000/028/411/eb1bc1321b1b84c9057c721f5705b51a93438fe2_medium.?1524732576'
  601. }
  602. },
  603. u'requires_view_privilege':False,
  604. u'id':452920,
  605. u'readable_substate':u'Resolved'
  606. },
  607. {
  608. u'swag':False,
  609. u'voters':[
  610. u'spam404',
  611. u'asad0x01_',
  612. u'ischleep',
  613. u'ashish_r_padelkar',
  614. u'an0nym0us',
  615. u'axolotl',
  616. u'michan001',
  617. u'haxta4ok00',
  618. u'babayaga_',
  619. u'mygf',
  620. u'and 18 more...'
  621. ],
  622. u'substate':u'resolved',
  623. u'title': u'Revoking user session in https://hackerone.com/settings/sessions does not revoke the GraphQL query session',
  624. u'url':u'/reports/417382',
  625. u'latest_disclosable_activity_at': u'2018-11-30T19:21:17.524 Z',
  626. u'reporter':{
  627. u'username':u'japz',
  628. u'url':u'/japz',
  629. u'id':78347
  630. },
  631. u'total_awarded_bounty_amount':u'500.00',
  632. u'latest_disclosable_action':u'disclosed',
  633. u'severity_rating':u'low',
  634. u'bounty_disclosed':True,
  635. u'vote_count':28,
  636. u'team':{
  637. u'url':u'/security',
  638. u'profile':{
  639. u'name':u'HackerOne'
  640. },
  641. u'handle':u'security',
  642. u'profile_picture_urls':{
  643. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/013/68fea1fe00dc833f4109e015738af4b374727e56_small.png?1445331713',
  644. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/013/28af2ada2cc00aa9427504fc5a14f587362df84b_medium.png?1445331713'
  645. }
  646. },
  647. u'requires_view_privilege':False,
  648. u'id':417382,
  649. u'formatted_bounty':u'$500',
  650. u'readable_substate':u'Resolved'
  651. },
  652. {
  653. u'swag':False,
  654. u'voters':[
  655. u'mygf',
  656. u'tiger24',
  657. u'sameerphad72'
  658. ],
  659. u'substate':u'resolved',
  660. u'title':u'Prototype pollution attack in node.extend',
  661. u'url':u'/reports/430831',
  662. u'latest_disclosable_activity_at': u'2018-11-30T14:01:57.506 Z',
  663. u'reporter':{
  664. u'username':u'asgerf',
  665. u'url':u'/asgerf',
  666. u'id':302864
  667. },
  668. u'latest_disclosable_action':u'disclosed',
  669. u'severity_rating':u'low',
  670. u'bounty_disclosed':True,
  671. u'vote_count':3,
  672. u'team':{
  673. u'url':u'/nodejs-ecosystem',
  674. u'profile':{
  675. u'name':u'Node.js third-party modules'
  676. },
  677. u'handle':u'nodejs-ecosystem',
  678. u'profile_picture_urls':{
  679. u'small': u'https://profile-photos.hackerone-user-content.com/000/023/949/309112251b444244d95977d1299148aae6482789_small.?1508679627',
  680. u'medium': u'https://profile-photos.hackerone-user-content.com/000/023/949/c1f5f15ac094c1327c13dd19f55dbcb7411272bd_medium.?1508679627'
  681. }
  682. },
  683. u'requires_view_privilege':False,
  684. u'id':430831,
  685. u'readable_substate':u'Resolved'
  686. },
  687. {
  688. u'swag':False,
  689. u'voters':[
  690. u'mygf',
  691. u'spetr0x',
  692. u'cryptographer',
  693. u'sameerphad72',
  694. u'santino'
  695. ],
  696. u'substate':u'resolved',
  697. u'reporter':{
  698. u'username':u'kiraak-boy',
  699. u'url':u'/kiraak-boy',
  700. u'id':37547
  701. },
  702. u'url':u'/reports/151680',
  703. u'latest_disclosable_activity_at': u'2018-11-30T13:51:55.712 Z',
  704. u'title':u'Possible SSRF at URL Parameter while creating a new package repository',
  705. u'latest_disclosable_action':u'disclosed',
  706. u'bounty_disclosed':True,
  707. u'vote_count':5,
  708. u'team':{
  709. u'url':u'/gocd',
  710. u'profile':{
  711. u'name':u'GoCD'
  712. },
  713. u'handle':u'gocd',
  714. u'profile_picture_urls':{
  715. u'small': u'https://profile-photos.hackerone-user-content.com/000/013/559/70fd3c380ff6241bc4c49df2e6817993fca4657f_small.?1465311808',
  716. u'medium': u'https://profile-photos.hackerone-user-content.com/000/013/559/2eefa9b4223a595138a3617a4cba1082b6eb062d_medium.?1465311808'
  717. }
  718. },
  719. u'requires_view_privilege':False,
  720. u'id':151680,
  721. u'readable_substate':u'Resolved'
  722. },
  723. {
  724. u'swag':False,
  725. u'voters':[
  726. u'mygf',
  727. u'0x08',
  728. u'spetr0x',
  729. u'cryptographer',
  730. u'sameerphad72',
  731. u'axif',
  732. u'santino',
  733. u'm_chennaiindia',
  734. u'niko-red'
  735. ],
  736. u'substate':u'resolved',
  737. u'reporter':{
  738. u'username':u'kiraak-boy',
  739. u'url':u'/kiraak-boy',
  740. u'id':37547
  741. },
  742. u'url':u'/reports/151678',
  743. u'latest_disclosable_activity_at': u'2018-11-30T13:36:41.067 Z',
  744. u'title':u'Cross Site Scripting',
  745. u'latest_disclosable_action':u'disclosed',
  746. u'bounty_disclosed':True,
  747. u'vote_count':9,
  748. u'team':{
  749. u'url':u'/gocd',
  750. u'profile':{
  751. u'name':u'GoCD'
  752. },
  753. u'handle':u'gocd',
  754. u'profile_picture_urls':{
  755. u'small': u'https://profile-photos.hackerone-user-content.com/000/013/559/70fd3c380ff6241bc4c49df2e6817993fca4657f_small.?1465311808',
  756. u'medium': u'https://profile-photos.hackerone-user-content.com/000/013/559/2eefa9b4223a595138a3617a4cba1082b6eb062d_medium.?1465311808'
  757. }
  758. },
  759. u'requires_view_privilege':False,
  760. u'id':151678,
  761. u'readable_substate':u'Resolved'
  762. },
  763. {
  764. u'swag':False,
  765. u'voters':[
  766. u'mygf',
  767. u'sameerphad72',
  768. u'niko-red'
  769. ],
  770. u'substate':u'duplicate',
  771. u'reporter':{
  772. u'username':u'kiraak-boy',
  773. u'url':u'/kiraak-boy',
  774. u'id':37547
  775. },
  776. u'url':u'/reports/151779',
  777. u'latest_disclosable_activity_at': u'2018-11-30T13:34:51.542 Z',
  778. u'title':u'Reflected XSS',
  779. u'latest_disclosable_action':u'disclosed',
  780. u'bounty_disclosed':True,
  781. u'vote_count':3,
  782. u'team':{
  783. u'url':u'/gocd',
  784. u'profile':{
  785. u'name':u'GoCD'
  786. },
  787. u'handle':u'gocd',
  788. u'profile_picture_urls':{
  789. u'small': u'https://profile-photos.hackerone-user-content.com/000/013/559/70fd3c380ff6241bc4c49df2e6817993fca4657f_small.?1465311808',
  790. u'medium': u'https://profile-photos.hackerone-user-content.com/000/013/559/2eefa9b4223a595138a3617a4cba1082b6eb062d_medium.?1465311808'
  791. }
  792. },
  793. u'requires_view_privilege':False,
  794. u'id':151779,
  795. u'readable_substate':u'Duplicate'
  796. },
  797. {
  798. u'swag':False,
  799. u'voters':[
  800. u'mygf',
  801. u'smit',
  802. u'cryptographer',
  803. u'sameerphad72',
  804. u'niko-red'
  805. ],
  806. u'substate':u'resolved',
  807. u'reporter':{
  808. u'username':u'pradeepch99',
  809. u'url':u'/pradeepch99',
  810. u'id':19143
  811. },
  812. u'url':u'/reports/151634',
  813. u'latest_disclosable_activity_at': u'2018-11-30T13:02:46.960 Z',
  814. u'title':u'XSS in http://localhost:8153/go/admin/config/server/update',
  815. u'latest_disclosable_action':u'disclosed',
  816. u'bounty_disclosed':True,
  817. u'vote_count':5,
  818. u'team':{
  819. u'url':u'/gocd',
  820. u'profile':{
  821. u'name':u'GoCD'
  822. },
  823. u'handle':u'gocd',
  824. u'profile_picture_urls':{
  825. u'small': u'https://profile-photos.hackerone-user-content.com/000/013/559/70fd3c380ff6241bc4c49df2e6817993fca4657f_small.?1465311808',
  826. u'medium': u'https://profile-photos.hackerone-user-content.com/000/013/559/2eefa9b4223a595138a3617a4cba1082b6eb062d_medium.?1465311808'
  827. }
  828. },
  829. u'requires_view_privilege':False,
  830. u'id':151634,
  831. u'readable_substate':u'Resolved'
  832. },
  833. {
  834. u'swag':False,
  835. u'voters':[
  836. u'tulswani',
  837. u'babayaga_',
  838. u'mygf',
  839. u'sameerphad72'
  840. ],
  841. u'substate':u'resolved',
  842. u'title':u'Prototype Pollution Vulnerability in mpath Package',
  843. u'url':u'/reports/390860',
  844. u'latest_disclosable_activity_at': u'2018-11-30T06:21:32.449 Z',
  845. u'reporter':{
  846. u'username':u'cris_semmle',
  847. u'url':u'/cris_semmle',
  848. u'id':320894
  849. },
  850. u'latest_disclosable_action':u'disclosed',
  851. u'severity_rating':u'high',
  852. u'bounty_disclosed':True,
  853. u'vote_count':4,
  854. u'team':{
  855. u'url':u'/nodejs-ecosystem',
  856. u'profile':{
  857. u'name':u'Node.js third-party modules'
  858. },
  859. u'handle':u'nodejs-ecosystem',
  860. u'profile_picture_urls':{
  861. u'small': u'https://profile-photos.hackerone-user-content.com/000/023/949/309112251b444244d95977d1299148aae6482789_small.?1508679627',
  862. u'medium': u'https://profile-photos.hackerone-user-content.com/000/023/949/c1f5f15ac094c1327c13dd19f55dbcb7411272bd_medium.?1508679627'
  863. }
  864. },
  865. u'requires_view_privilege':False,
  866. u'id':390860,
  867. u'readable_substate':u'Resolved'
  868. },
  869. {
  870. u'swag':False,
  871. u'voters':[
  872. u'mirchr',
  873. u'ziot',
  874. u'jobert',
  875. u'derision',
  876. u'spam404',
  877. u'kapytein',
  878. u'teknogeek',
  879. u's_p_q_r',
  880. u'mik317',
  881. u'0xc0ffee',
  882. u'and 98 more...'
  883. ],
  884. u'substate':u'resolved',
  885. u'title':u'SQL injection in GraphQL endpoint through embedded_submission_form_uuid parameter',
  886. u'url':u'/reports/435066',
  887. u'latest_disclosable_activity_at': u'2018-11-30T01:26:39.952 Z',
  888. u'reporter':{
  889. u'username':u'jobert',
  890. u'url':u'/jobert',
  891. u'id':2
  892. },
  893. u'latest_disclosable_action':u'disclosed',
  894. u'severity_rating':u'critical',
  895. u'bounty_disclosed':True,
  896. u'vote_count':108,
  897. u'team':{
  898. u'url':u'/security',
  899. u'profile':{
  900. u'name':u'HackerOne'
  901. },
  902. u'handle':u'security',
  903. u'profile_picture_urls':{
  904. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/013/68fea1fe00dc833f4109e015738af4b374727e56_small.png?1445331713',
  905. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/013/28af2ada2cc00aa9427504fc5a14f587362df84b_medium.png?1445331713'
  906. }
  907. },
  908. u'requires_view_privilege':False,
  909. u'id':435066,
  910. u'readable_substate':u'Resolved'
  911. },
  912. {
  913. u'swag':False,
  914. u'voters':[
  915. u'spam404',
  916. u'kapytein',
  917. u'asad0x01_',
  918. u'an0nym0us',
  919. u'axolotl',
  920. u'michan001',
  921. u'modam3r5',
  922. u'haxta4ok00',
  923. u'bhavi',
  924. u'bytehope',
  925. u'and 20 more...'
  926. ],
  927. u'substate':u'resolved',
  928. u'title':u'Attacker can claim credentials for private program that has a published external program',
  929. u'url':u'/reports/449680',
  930. u'latest_disclosable_activity_at': u'2018-11-29T19:43:59.929 Z',
  931. u'reporter':{
  932. u'username':u'jobert',
  933. u'url':u'/jobert',
  934. u'id':2
  935. },
  936. u'latest_disclosable_action':u'disclosed',
  937. u'severity_rating':u'medium',
  938. u'bounty_disclosed':True,
  939. u'vote_count':30,
  940. u'team':{
  941. u'url':u'/security',
  942. u'profile':{
  943. u'name':u'HackerOne'
  944. },
  945. u'handle':u'security',
  946. u'profile_picture_urls':{
  947. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/013/68fea1fe00dc833f4109e015738af4b374727e56_small.png?1445331713',
  948. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/013/28af2ada2cc00aa9427504fc5a14f587362df84b_medium.png?1445331713'
  949. }
  950. },
  951. u'requires_view_privilege':False,
  952. u'id':449680,
  953. u'readable_substate':u'Resolved'
  954. },
  955. {
  956. u'swag':False,
  957. u'voters':[
  958. u'mygf',
  959. u'sameerphad72'
  960. ],
  961. u'substate':u'resolved',
  962. u'title':u'Prototype pollution attack in just-extend',
  963. u'url':u'/reports/430291',
  964. u'latest_disclosable_activity_at': u'2018-11-29T17:13:19.437 Z',
  965. u'reporter':{
  966. u'username':u'asgerf',
  967. u'url':u'/asgerf',
  968. u'id':302864
  969. },
  970. u'latest_disclosable_action':u'disclosed',
  971. u'severity_rating':u'low',
  972. u'bounty_disclosed':True,
  973. u'vote_count':2,
  974. u'team':{
  975. u'url':u'/nodejs-ecosystem',
  976. u'profile':{
  977. u'name':u'Node.js third-party modules'
  978. },
  979. u'handle':u'nodejs-ecosystem',
  980. u'profile_picture_urls':{
  981. u'small': u'https://profile-photos.hackerone-user-content.com/000/023/949/309112251b444244d95977d1299148aae6482789_small.?1508679627',
  982. u'medium': u'https://profile-photos.hackerone-user-content.com/000/023/949/c1f5f15ac094c1327c13dd19f55dbcb7411272bd_medium.?1508679627'
  983. }
  984. },
  985. u'requires_view_privilege':False,
  986. u'id':430291,
  987. u'readable_substate':u'Resolved'
  988. },
  989. {
  990. u'swag':False,
  991. u'voters':[
  992. u'ak1t4',
  993. u'mygf',
  994. u'k_outis',
  995. u'whitesector',
  996. u'silv3rpoision',
  997. u'japz',
  998. u'base_64',
  999. u'asad_anwar',
  1000. u'0x08',
  1001. u'omespino',
  1002. u'and 16 more...'
  1003. ],
  1004. u'substate':u'resolved',
  1005. u'title':u'The POODLE attack (SSLv3 supported) at status.slack.com',
  1006. u'url':u'/reports/375097',
  1007. u'latest_disclosable_activity_at': u'2018-11-28T15:20:11.406 Z',
  1008. u'reporter':{
  1009. u'username':u'cryptographer',
  1010. u'url':u'/cryptographer',
  1011. u'id':252131
  1012. },
  1013. u'total_awarded_bounty_amount':u'500.00',
  1014. u'latest_disclosable_action':u'disclosed',
  1015. u'severity_rating':u'medium',
  1016. u'bounty_disclosed':True,
  1017. u'vote_count':26,
  1018. u'team':{
  1019. u'url':u'/slack',
  1020. u'profile':{
  1021. u'name':u'Slack'
  1022. },
  1023. u'handle':u'slack',
  1024. u'profile_picture_urls':{
  1025. u'small': u'https://profile-photos.hackerone-user-content.com/000/000/069/a44d7bfd843f514c723441a5a40daf5bac8e9e38_small.png?1449082084',
  1026. u'medium': u'https://profile-photos.hackerone-user-content.com/000/000/069/50cfd8e05b18bade214847ec5f61dcb9e6c85fa9_medium.png?1449082084'
  1027. }
  1028. },
  1029. u'requires_view_privilege':False,
  1030. u'id':375097,
  1031. u'formatted_bounty':u'$500',
  1032. u'readable_substate':u'Resolved'
  1033. }
  1034. ]