bit.do Cross Site Scripting vulnerability OBB-2449326

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

bit.do Cross Site Scripting vulnerability OBB-2129817

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

50m-ctf: CTF Writeup - c8889970d9fb722066f31e804e351993

CTF Code: c8889970d9fb722066f31e804e351993 HackerOne $50M CTF Write-Up ============ I came across this tweet announcing the HackerOne CTF for invitations to the HackerOne event in Vegas during DEFCON. I tried searching for a URL for the CTF, but couldn't find anything online, so I assumed that th...

bit.do XSS vulnerability

Vulnerable URL: http://bit.do/modperl//url-shortener.pl?action=logout"'--!confirmOPENBUGBOUNTY...

bit.do XSS vulnerability

Open Bug Bounty ID: OBB-293761 Description| Value ---|--- Affected Website:| bit.do Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

bit.do XSS vulnerability

Vulnerable URL: http://bit.do/modperl/url-shortener.pl?action=%22%3Etrolo%3Ci%3Etralala%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

bit.do XSS vulnerability

Open Bug Bounty ID: OBB-225943 Description| Value ---|--- Affected Website:| bit.do Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

bit.do XSS vulnerability

Vulnerable URL: http://bit.do/gew5- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 40759 Google Pagerank| 3 VIP website status:| Yes Check bit.do SSL connection:| Grade: F...

bit.do Open Redirect vulnerability

Vulnerable URL: http://bit.do/modperl/url-shortener.pl?action=logout=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 03.02.2016 Latest check for patch:| 03.02.2016 04:40 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...