HackerOne: Temporary banned user (from platform) is able to make submissions via embedded submission forms

Summary: Hello team! We have discovered issue which allows temporary banned user to submit new reports using embedded submission forms. The hacker can submit submissions via embedded forms using his/her email address. Once the ban is over the hacker can claim his/her report via invitation link...

CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...