HackerOne: Stored XSS on www.hackerone.com due to deleted S3-bucket from old page_widget

A stored XSS vulnerability was found on www.hackerone.com due to a deleted S3-bucket from an old pagewidget. An attacker could claim the bucket and run JavaScript on the website, potentially allowing them to steal user data or perform actions on behalf of the user. The vulnerability was reported ...