HackerOne: Server Side Request Forgery (SSRF) via Analytics Reports

We recently received a critical server-side request forgery SSRF vulnerability report through our bug bounty program. The issue allowed attackers to make internal requests from our application servers by exploiting a lack of output sanitization in an error message. By crafting malicious requests,...

HackerOne: Organization members can delete reports in teams they have no access to

Reports in teams could be deleted by organization members without access to those teams. The vulnerability allowed deletion of analytics reports for restricted teams through a GraphQL mutation even when members lacked permissions to view or edit those reports...