LogicalBreach Academy Feed

LogicalBreach Academy Feed https://academy.logicalbreach.com/ Latest bug bounty writeups, tools and security cheatsheets en-us Wed, 22 Apr 2026 03:25:23 GMT <![CDATA[SVG filter primitives bypass remote image blocking, enabling email tracking without consent.]]> https://academy.logicalbreach.com//writeups/svg-filter-primitives-bypass-remote-image-blocking-enabling-email-tracking-without-consent-ec314c70 13394821-a6ab-4e65-ac0f-75998a014b2f Tue, 21 Apr 2026 10:37:21 GMT https://hackerone.com/reports/3486747 by nullcathedral]]> <![CDATA[position: fixed !important bypasses CSS sanitizer's fixed-position mitigation, enabling full-viewport phishing overlays.]]> https://academy.logicalbreach.com//writeups/position-fixed-important-bypasses-css-sanitizer-s-fixed-position-mitigation-enabling-full-viewport-phishing-overlays-f5ab530c 4dd5d5e5-a841-4a6d-99d3-986049f34af8 Tue, 21 Apr 2026 10:36:27 GMT https://hackerone.com/reports/3590586 by nullcathedral]]> <![CDATA[Unquoted body background attribute enables CSS injection that bypasses remote image blocking]]> https://academy.logicalbreach.com//writeups/unquoted-body-background-attribute-enables-css-injection-that-bypasses-remote-image-blocking-e9c47a31 9bd9b3fb-019f-47aa-97a8-9f609c776a04 Tue, 21 Apr 2026 10:35:00 GMT https://hackerone.com/reports/3590583 by nullcathedral]]> <![CDATA[SMIL values and by attributes bypass remote image blocking via unvalidated resource-loading animations, enabling email tracking without consent]]> https://academy.logicalbreach.com//writeups/smil-values-and-by-attributes-bypass-remote-image-blocking-via-unvalidated-resource-loading-animations-enabling-email-tracking-without-consent-8262eb80 f03edaf9-201f-486f-826e-2a54f11263d8 Tue, 21 Apr 2026 10:34:03 GMT https://hackerone.com/reports/3590576 by nullcathedral]]> <![CDATA[Stored XSS in attachment-display exploitable through SameSite]]> https://academy.logicalbreach.com//writeups/stored-xss-in-attachment-display-exploitable-through-samesite-5b3d5697 9995cab9-4459-441e-a604-a5daec9c0604 Tue, 21 Apr 2026 10:33:04 GMT https://hackerone.com/reports/3594137 by aikido_security]]> <![CDATA[DOM XSS to High Severity via Credential Phishing Overlay]]> https://academy.logicalbreach.com//writeups/dom-xss-to-high-severity-via-credential-phishing-overlay-df9c3034 c7f521c5-c007-4816-bb02-3b630469012b Sun, 19 Apr 2026 14:17:51 GMT <![CDATA[Rails::HTML::Sanitizer.allowed_uri? returns true for entity-encoded control-character-split javascript: URLs]]> https://academy.logicalbreach.com//writeups/rails-html-sanitizer-allowed-uri-returns-true-for-entity-encoded-control-character-split-javascript-urls-6e802bf8 af4333fc-f811-4114-bca9-be4ca1c241a9 Sun, 19 Apr 2026 08:58:50 GMT https://hackerone.com/reports/3601655 by smlee]]> <![CDATA[Residual Malicious Payloads on HackerOne after Vulnerability Fixes]]> https://academy.logicalbreach.com//writeups/residual-malicious-payloads-on-hackerone-after-vulnerability-fixes-c8bf3f6a 97ff78c7-6228-467a-8fa4-b2c6d8edfbc0 Sat, 18 Apr 2026 10:19:54 GMT https://hackerone.com/reports/3168691 by joejoe5]]> <![CDATA[DOS via Mutation Aliasing in GraphQL Account Recovery Phone Number Verification API]]> https://academy.logicalbreach.com//writeups/dos-via-mutation-aliasing-in-graphql-account-recovery-phone-number-verification-api-b3ded1f5 bdec170a-1fae-4b2d-be1d-0cf4bea01af7 Sat, 18 Apr 2026 10:17:29 GMT https://hackerone.com/reports/3287208 by hellokbit]]> <![CDATA[DOM XSS in `fizzy.do` import filename preview enables one-click victim account takeover]]> https://academy.logicalbreach.com//writeups/dom-xss-in-fizzy-do-import-filename-preview-enables-one-click-victim-account-takeover-e52cba0f 09d5bb71-0811-4139-9219-50bb98a7f01c Sat, 18 Apr 2026 10:10:55 GMT https://hackerone.com/reports/3608199 by xavlimsg]]> <![CDATA[Improper Access Control in `fizzy.do` import flow allows cross-tenant ActionText reference resolution and data disclosure]]> https://academy.logicalbreach.com//writeups/improper-access-control-in-fizzy-do-import-flow-allows-cross-tenant-actiontext-reference-resolution-and-data-disclosure-1271160b ca76dbce-a475-4127-94e3-f48feee7f389 Sat, 18 Apr 2026 10:08:57 GMT https://hackerone.com/reports/3543475 by xavlimsg]]> <![CDATA[Brave Shields Domain Reordering Leads to Origin Confusion]]> https://academy.logicalbreach.com//writeups/brave-shields-domain-reordering-leads-to-origin-confusion-0201d210 5605615a-c949-42ae-b181-668ee1a8e691 Sat, 18 Apr 2026 10:06:14 GMT https://hackerone.com/reports/3665151 by mousepadkalilinux12]]> <![CDATA[Credential Disclosure via Unvalidated directDownloadUrl (Missing DontAddCredentialsAttribute)]]> https://academy.logicalbreach.com//writeups/credential-disclosure-via-unvalidated-directdownloadurl-missing-dontaddcredentialsattribute-d97535ec b9f907b5-0223-4830-82f8-1d98d084bd5f Sat, 18 Apr 2026 10:03:37 GMT https://hackerone.com/reports/3400143 by py0zz1]]> <![CDATA[[Duplicate] Open Redirect Flow Abuse via OAuth Validation Bypass]]> https://academy.logicalbreach.com//writeups/duplicate-open-redirect-flow-abuse-via-oauth-validation-bypass-32d63048 d6a29801-290c-41cf-95c6-10dc58ae9b5a Sat, 11 Apr 2026 18:03:51 GMT <![CDATA[[Duplicate] Reflected XSS to Account Takeover (Credential Hijacking)]]> https://academy.logicalbreach.com//writeups/duplicate-reflected-xss-to-account-takeover-credential-hijacking-6df42df2 9a055de6-cbba-4607-a43e-1b3c32351c0d Sat, 11 Apr 2026 17:59:00 GMT <![CDATA[[Vertical Privilege Escalation] User can Unapproved any Approved Translation at [/translations/unapprove/]]]> https://academy.logicalbreach.com//writeups/vertical-privilege-escalation-user-can-unapproved-any-approved-translation-at-translations-unapprove-6ac102c0 78a600af-3cb1-4c16-8ba2-85dfc43abbf6 Sat, 11 Apr 2026 16:52:28 GMT https://hackerone.com/reports/3020021 by adilnbabras]]> <![CDATA[User Can Delete Other Users' Personal Access Tokens at /delete-token/{token_id}/ on Mozilla Pontoon]]> https://academy.logicalbreach.com//writeups/user-can-delete-other-users-personal-access-tokens-at-delete-token-token-id-on-mozilla-pontoon-441a5866 2be31f50-e68d-47b5-8c66-32154817b0ec Sat, 11 Apr 2026 16:52:03 GMT https://hackerone.com/reports/3325582 by adilnbabras]]> <![CDATA[Unauthorized usage of External API Key (Usage of Google Maps API Key ==> $$$]]> https://academy.logicalbreach.com//writeups/unauthorized-usage-of-external-api-key-usage-of-google-maps-api-key-f5da9c47 69873175-251a-429a-b851-d16446113521 Wed, 08 Apr 2026 09:36:23 GMT https://hackerone.com/reports/881118 by avielt]]> <![CDATA[DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)]]> https://academy.logicalbreach.com//writeups/dll-side-loading-vulnerability-in-sony-music-center-for-pc-ver-2-7-2-latest-version-17dec387 d31e5ce7-d3da-4924-8071-65cd06cc082f Sat, 04 Apr 2026 15:40:56 GMT https://hackerone.com/reports/3355766 by resurrect20]]> <![CDATA[SSRF Filter Bypass via Unblocked NAT64 Local-Use IPv6 Prefix (64:ff9b:1::/48)]]> https://academy.logicalbreach.com//writeups/ssrf-filter-bypass-via-unblocked-nat64-local-use-ipv6-prefix-64-ff9b-1-48-4906744a ee7df73b-0bbd-4024-a4e0-b10af269acdb Sat, 04 Apr 2026 15:39:59 GMT https://hackerone.com/reports/3634400 by tipsen]]> <![CDATA[Path Traversal in writeFile via Unsafe Prefix Containment Check Allows Out-of-Directory Writes]]> https://academy.logicalbreach.com//writeups/path-traversal-in-writefile-via-unsafe-prefix-containment-check-allows-out-of-directory-writes-4621e948 60935ac3-91de-4fb8-b5c3-63b05a455267 Sat, 04 Apr 2026 15:25:03 GMT https://hackerone.com/reports/3634571 by tipsen]]> <![CDATA[Open Redirect — Base64-Encoded Parameter Bypasses Client-Side Validation on Login Page]]> https://academy.logicalbreach.com//writeups/open-redirect-base64-encoded-parameter-bypasses-client-side-validation-on-login-page-d33fb2e0 053dba54-9289-4d7a-926d-7bcb10a8e42d Wed, 01 Apr 2026 09:22:56 GMT <![CDATA[Information Disclosure — Unauthenticated API Exposes PII of 500+ Employees and Enterprise Clients]]> https://academy.logicalbreach.com//writeups/information-disclosure-unauthenticated-api-exposes-pii-of-500-employees-and-enterprise-clients-852b28b3 79211a1d-3ac6-4da0-bc2d-705a9d94a0ed Wed, 01 Apr 2026 09:20:38 GMT <![CDATA[HTML Injection via Email Address Payloads]]> https://academy.logicalbreach.com//writeups/html-injection-via-email-address-payloads-3b0e2d6e fb73a723-3dea-4719-b0f8-0dd5d3781c11 Tue, 24 Mar 2026 18:27:43 GMT <![CDATA[Fail-Open in set_tlsext_servername_callback on pyopenssl via unhandled exceptions leads to security bypass]]> https://academy.logicalbreach.com//writeups/fail-open-in-set-tlsext-servername-callback-on-pyopenssl-via-unhandled-exceptions-leads-to-security-bypass-dd575890 e12938d1-0ba3-45a8-8eff-3a53fb4ca70b Sat, 21 Mar 2026 10:24:09 GMT https://hackerone.com/reports/3558277 by uv3doble]]> <![CDATA[[Privilege Escalation] User can Pin|Unpin Any Comment on Any Project or Locale]]> https://academy.logicalbreach.com//writeups/privilege-escalation-user-can-pin-unpin-any-comment-on-any-project-or-locale-b91145b8 92c68f4b-e25b-47f7-b6de-1541ac07b3d3 Sat, 21 Mar 2026 10:23:13 GMT https://hackerone.com/reports/3025797 by adilnbabras]]> <![CDATA[Business Logic Flaw Allowing Free Plan Users to Assign Restricted Roles]]> https://academy.logicalbreach.com//writeups/business-logic-flaw-allowing-free-plan-users-to-assign-restricted-roles-5813b01a 2d623f8c-7ddb-4ad3-8258-1c81fb660e66 Wed, 18 Mar 2026 23:30:49 GMT <![CDATA[Lack of Validation in Reward Redemption Allows Unlimited Burp Suite License Abuse]]> https://academy.logicalbreach.com//writeups/lack-of-validation-in-reward-redemption-allows-unlimited-burp-suite-license-abuse-7431a4c3 8f5d6269-22a7-421b-9d32-d61c63ce2f9c Wed, 18 Mar 2026 15:09:26 GMT https://hackerone.com/reports/3378540 by theokeen]]> <![CDATA[How to bypass Cloudflare restrictions using Burp Suite]]> https://academy.logicalbreach.com//cheatsheets/how-to-bypass-cloudflare-restrictions-using-burp-suite-944d259f 3b8e9d1a-3d05-4c24-a008-35d0df3a5219 Tue, 17 Mar 2026 19:41:58 GMT <![CDATA[2FA Bypass Despite Fix via Manual Injection of isVerifyAuth Cookie in Local Storage]]> https://academy.logicalbreach.com//writeups/2fa-bypass-despite-fix-via-manual-injection-of-isverifyauth-cookie-in-local-storage-cad7154e 4153f1cc-f004-41c6-9e9e-ff1dc670f251 Tue, 17 Mar 2026 18:42:12 GMT <![CDATA[Automated Pentesting with Claude AI]]> https://academy.logicalbreach.com//cheatsheets/automated-pentesting-with-claude-ai-799cd439 8f102632-ec9e-446b-ac16-3ddfe2bebca1 Tue, 17 Mar 2026 18:20:07 GMT <![CDATA[IDOR leads Unauthorized Staff Member Removal via Insufficient Authorization Checks]]> https://academy.logicalbreach.com//writeups/idor-leads-unauthorized-staff-member-removal-via-insufficient-authorization-checks-20ae7643 97b06e15-e674-4c37-9754-57eb903a680d Tue, 17 Mar 2026 18:16:10 GMT <![CDATA[XSS Bypass to Zero Click Account Takeover in AI Chatbot]]> https://academy.logicalbreach.com//writeups/xss-bypass-to-zero-click-account-takeover-in-ai-chatbot-265f0dff f7a38824-a2cd-4061-953d-38defed4cc35 Tue, 17 Mar 2026 18:12:34 GMT <![CDATA[Session Cookie Leakage via Static Header Field in WebViewerFragment]]> https://academy.logicalbreach.com//writeups/session-cookie-leakage-via-static-header-field-in-webviewerfragment-94da2177 5cda71e7-2740-427a-8470-b1806583ea8f Tue, 17 Mar 2026 17:20:18 GMT https://hackerone.com/reports/3475626 by dphoeniixx]]> <![CDATA[Exposed .env File Leading to Full Email Account Takeover]]> https://academy.logicalbreach.com//writeups/exposed-env-file-leading-to-full-email-account-takeover-196a7b57 35ede773-442a-46c9-a6cb-2b75cb3273b1 Tue, 17 Mar 2026 11:29:57 GMT <![CDATA[2 IDOR’s & WAF Bypass to Expose Full Event Database]]> https://academy.logicalbreach.com//writeups/2-idor-s-waf-bypass-to-expose-full-event-database-d5d344f5 2472ab10-9970-4caf-bb83-fb2402d70c88 Tue, 17 Mar 2026 10:26:03 GMT <![CDATA[Business Logic Bypass Allows Setting “Read Access” Role Without Pro Plan Subscription]]> https://academy.logicalbreach.com//writeups/business-logic-bypass-allows-setting-read-access-role-without-pro-plan-subscription-e2b2dd9f ea1b038a-d458-4150-8b09-c0ba6fdf4b91 Mon, 16 Mar 2026 16:21:46 GMT https://hackerone.com/reports/3591764 by ziadmomen]]> <![CDATA[Unauthenticated access to private files on app.fizzy.do via Active Storage URLs leads to information disclosure]]> https://academy.logicalbreach.com//writeups/unauthenticated-access-to-private-files-on-app-fizzy-do-via-active-storage-urls-leads-to-information-disclosure-aef48763 0df14258-811c-4b20-8237-133dce13de0c Mon, 16 Mar 2026 16:21:13 GMT https://hackerone.com/reports/3467641 by perxibes]]> <![CDATA[IDOR Leading to Plaintext SFTP Credential Disclosure and Unauthorized SFTP Access]]> https://academy.logicalbreach.com//writeups/idor-leading-to-plaintext-sftp-credential-disclosure-and-unauthorized-sftp-access-2aad24dc 30cb0f42-f3c0-4af2-814b-56be10e587ef Mon, 16 Mar 2026 11:19:56 GMT <![CDATA[Scaling IDOR: Automated PII Exfiltration via Notification Configuration Endpoints]]> https://academy.logicalbreach.com//writeups/scaling-idor-automated-pii-exfiltration-via-notification-configuration-endpoints-feeb1b23 68b91674-7f65-47ad-ad7c-c6fe16331cbd Mon, 16 Mar 2026 11:12:35 GMT <![CDATA[HTML Injection to DoS (P2)]]> https://academy.logicalbreach.com//writeups/html-injection-to-dos-p2-40869d85 d3ea46d4-747d-48a4-ba27-ad52014f727d Sat, 14 Mar 2026 21:10:41 GMT <![CDATA[SSL/TLS certificates Cheatsheet]]> https://academy.logicalbreach.com//cheatsheets/ssl-tls-certificates-cheatsheet-bac86ed4 6e5471a9-1841-43e4-9ce9-446c7838424a Sat, 14 Mar 2026 15:30:21 GMT <![CDATA[XSS (Cross-Site Scripting) Cheatsheet]]> https://academy.logicalbreach.com//cheatsheets/xss-cross-site-scripting-cheatsheet-cf941bea 7daa0677-2dca-46c9-b8e4-220571690272 Sat, 14 Mar 2026 14:09:11 GMT <![CDATA[SQLi (SQL Injection) Cheatsheet]]> https://academy.logicalbreach.com//cheatsheets/sql-injection-sqli-cheatsheet-a523f80d 3846ea0b-a0f7-4df8-a371-f7785465bfb4 Sat, 14 Mar 2026 14:05:28 GMT <![CDATA[XXE (XML External Entity) Cheatsheet]]> https://academy.logicalbreach.com//cheatsheets/xxe-xml-external-entity-cheatsheet-297f7214 6d793fee-b496-49d3-8841-3dc1688dc99b Sat, 14 Mar 2026 14:01:00 GMT <![CDATA[Bug Bounty Cheatsheet]]> https://academy.logicalbreach.com//cheatsheets/bug-bounty-cheatsheet-ed129872 e71bf6b7-9f82-4cce-b11e-58f2ae11b91e Sat, 14 Mar 2026 13:52:25 GMT <![CDATA[Authorization Bypass in Starknet Snap via enableAuthorize parameter leads to unauthorized transaction signing]]> https://academy.logicalbreach.com//writeups/authorization-bypass-in-starknet-snap-via-enableauthorize-parameter-leads-to-unauthorized-transaction-signing-fcc5b9f1 7fc0ccb5-857e-4c4a-9603-b906494d1289 Fri, 13 Mar 2026 10:45:54 GMT https://hackerone.com/reports/3507241 by aszx87410]]> <![CDATA[Bypass of Open Redirect Fix on lovable.dev via /..// Path Traversal in redirect parameter]]> https://academy.logicalbreach.com//writeups/bypass-of-open-redirect-fix-on-lovable-dev-via-path-traversal-in-redirect-parameter-9bc11b88 a1449022-1787-48a5-a097-61c1bdc8e1aa Thu, 12 Mar 2026 11:20:00 GMT https://hackerone.com/reports/3599248 by marioniangi]]> <![CDATA[CVE-2026-3805: use after free in SMB connection reuse]]> https://academy.logicalbreach.com//writeups/cve-2026-3805-use-after-free-in-smb-connection-reuse-efca8b44 3ca56f74-a3e0-4736-b6d2-d6aee568fc3a Wed, 11 Mar 2026 10:34:57 GMT https://hackerone.com/reports/3591944 by rat5ak]]> <![CDATA[CVE-2026-3784: wrong proxy connection reuse with credentials]]> https://academy.logicalbreach.com//writeups/cve-2026-3784-wrong-proxy-connection-reuse-with-credentials-8ab2057e 917fb84f-b4f0-415d-a142-704eabd9b093 Wed, 11 Mar 2026 10:33:58 GMT https://hackerone.com/reports/3584903 by nobcoder]]>