Mail.ru: Reflected XSS https://tracker.my.com

Reflected XSS on tracker.my.com via GET parameter iconUrl...

Mail.ru: tracker.my.com information disclosure via csrf bypass

CSRF vulnerability in tracker.my.com allowed attacker to invite himself as a project owner via crossite request...

Mail.ru: [beta.tracker.my.com] XSS Request-URI

Reflected XSS via GET parameters in beta.tracker.my.com tracker.my.com is not currently covered with bug bounty program...