
HackerOne Awarded $3500 In Bounties For Two Vulnerabilities.

HackerOne is not only a platform that helps businesses stay safe. It also welcomes bug reports from researchers about its own vulnerabilities, and it acknowledges their efforts by awarding bounties. Recently, HackerOne awarded $3500 in bounties within two days to different researchers who reported information disclosure vulnerabilities affecting the platform.

HackerOne Information Disclosure Vulnerabilities

Reportedly, the popular cybersecurity platform HackerOne exhibited two different security flaws. Specifically, two different researchers found information disclosure vulnerabilities affecting different features of the platform.

The first of these vulnerabilities caught the attention of a researcher with the alias ‘nathand’. As elaborated in a HackerOne report, they found that searching for specific words in Hacktivity exposed some private or redacted information through the search results. According to the researcher, by abusing this, an attacker could reveal content hidden in a limited disclosed report.

However, HackerOne clarified that this issue only affected some publicly disclosed reports. They also gave assurance that the bug had not been exploited. The vulnerability received a medium severity rating with a score of 4.4.

Another researcher, with the alias ‘ayid’, found the other vulnerability exposing information. As elaborated in another report, he noticed that latest_activity_id and latest_activity_at exposed internal discussion to unauthorized users. HackerOne rated this bug as a ‘low’ severity flaw with a score of 3.4.

Researchers Won $3500 Bounties

HackerOne promptly acknowledged both bugs and patched them. Not only did the platform fix the vulnerabilities, it also awarded the researchers bounties. Specifically, the researcher nathand received $2500, whereas ayid received $1000.

Following the fixes, HackerOne permitted public disclosure of the flaws. HackerOne is a platform known for developing coordination between businesses and the cybersecurity community. The platform helps firms stay safe from potential cyber attacks, while researchers get the opportunity to make money through their efforts to find vulnerabilities. Let us know your thoughts in the comments.


Ankush Gaikwad

Software/web/App Developer and Cyber Security Investigator
