Residual Malicious Payloads on HackerOne after Vulnerability Fixes
HackerOne disclosed report --> https://hackerone.com/reports/3168691 by joejoe5
Real vulnerability disclosures from top bug bounty hunters. Filter by type and severity.
59 writeups
HackerOne disclosed report --> https://hackerone.com/reports/3287208 by hellokbit
HackerOne disclosed report --> https://hackerone.com/reports/3608199 by xavlimsg
HackerOne disclosed report --> https://hackerone.com/reports/3543475 by xavlimsg
HackerOne disclosed report --> https://hackerone.com/reports/3665151 by mousepadkalilinux12
HackerOne disclosed report --> https://hackerone.com/reports/3400143 by py0zz1
An Open Redirect vulnerability was identified within an OAuth authorization flow endpoint. The vulnerability occurs because the callback_url (or equivalent redirect parameter) is validated using an insecure string prefix match instead of exact parsing.
A critical Reflected Cross-Site Scripting (XSS) vulnerability was discovered in a captive WiFi portal, allowing an unauthenticated attacker to steal the credentials of any user connecting via a malicious URL.
HackerOne disclosed report --> https://hackerone.com/reports/3020021 by adilnbabras
HackerOne disclosed report --> https://hackerone.com/reports/3325582 by adilnbabras
HackerOne disclosed report --> https://hackerone.com/reports/881118 by avielt
HackerOne disclosed report --> https://hackerone.com/reports/3355766 by resurrect20