HackerOne: Blind SSRF on errors.hackerone.net due to Sentry misconfiguration

Summary: When setting up Sentry you should turn off "source code scrapping". If it is turned on, then server that has Sentry on it will make blind get requests everywhere controlled from outside via error reporting. Description: Hello Hackerone team. In your CSP I found ?sentrykey parameter, so i...