HackerOne: New Hacktivity features:Bounty rewards leakage Where programs doesn’t decide to disclose bounty in limited disclosure report

The report describes a vulnerability where users could access hidden bounty information on the HackerOne Hacktivity page. Specifically, by using a filter to search for reports with a specific total awarded amount, the actual bounty amount was revealed, even if the program chose to limit the...