2 matches found
HackerOne: Information leakage of private program
Hello team, I noticed an issue in Directory where information of a soft-launched program is getting disclosed! I made this request as an unauthenticated user, http GET /programs/search?query█████████&sort=publishedat%3Adescending&page=1 HTTP/1.1 Host: hackerone.com User-Agent: Mozilla/5.0 Windows NT...
Gratipay: Authentication errors in server side validation of E-MAIL
To be honest, I'm not sure if there are any real security implications of this bug, but it's something which should be fixed at some point since it'll be pretty easy. I'm going to describe the issue with reproducible steps: 1. Navigate to Gratipay Settings Page...