Dropbox Acquisitions: Get email ID of any user on hackpad.com

goto hackpad.com wherever you see the profile picture of the user right click and goto Inspect element you will get this: we can clearly see the email address of the user in the above tag and thus the User information is leaked!...

Dropbox Acquisitions: Privilege Escalation at invite feature @hackpad.com

Hey! I would like to report Privilege Escalation @hackpad.com's Invite feature. Description : Hackpad allows admin of the workspace to add/invite users for admin/member/guest etc roles. I can able to grant that access to any one with just one click. Attack Scenario: Lets say you have workspace...