Bugpoint Telegram Posts

Latest updates about disclosure bug bounty reports: tech details, impacts, bounties 📣

Rate👇
https://cutt.ly/bugpoint_rate
Feedback👇
https://cutt.ly/bugpoint_feedback

#️⃣ bug bounty disclosed reports
#️⃣ bug bounty write-ups
#️⃣ bug bounty teleg

1,122 Subscribers

3,804 Photos

3,778 Videos

Last Updated 25.02.2025 17:20

Similar Channels

Tech Jailbreak :)

21,014 Subscribers

20,685 Subscribers

18,347 Subscribers

The latest content shared by Bugpoint on Telegram

Bugpoint

01 Dec, 18:52

482

Remove Every User, Admin, And Owner Out Of Their Teams on developers.mtn.com via IDOR + Information Disclosure

👉 https://hackerone.com/reports/1448550

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #wallotry
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:34pm (UTC)

Bugpoint

01 Dec, 18:52

444

Unprotected Direct Object Reference

👉 https://hackerone.com/reports/1536936

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #coyemerald
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 5:24pm (UTC)

Bugpoint

01 Dec, 12:13

442

Firebase Database Takeover in https://pulseradio.mtn.co.ug/

👉 https://hackerone.com/reports/1447751

🔹 Severity: Critical
🔹 Reported To: MTN Group
🔹 Reported By: #shuvam321
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 10:52am (UTC)

Bugpoint

01 Dec, 12:13

431

Calendar name length not validated before writing to database

👉 https://hackerone.com/reports/1596148

🔹 Severity: Low
🔹 Reported To: Nextcloud
🔹 Reported By: #errorx404
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:49am (UTC)

Bugpoint

01 Dec, 12:13

446

CVE-2022-45402: Apache Airflow: Open redirect during login

👉 https://hackerone.com/reports/1782514

🔹 Severity: Medium | 💰 2,400 USD
🔹 Reported To: Internet Bug Bounty
🔹 Reported By: #bugra
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 9:41am (UTC)

Bugpoint

01 Dec, 04:31

499

Double evaluation in .bash_prompt of dotfiles allows a malicious repository to execute arbitrary commands

👉 https://hackerone.com/reports/1785378

🔹 Severity: High | 💰 300 USD
🔹 Reported To: Ian Dunn
🔹 Reported By: #ryotak
🔹 State: 🟢 Resolved
🔹 Disclosed: December 1, 2022, 4:00am (UTC)

Bugpoint

30 Nov, 19:40

423

Campaign Account Balance and History Disclosed in API Response

👉 https://hackerone.com/reports/1587374

🔹 Severity: Medium | 💰 500 USD
🔹 Reported To: LinkedIn
🔹 Reported By: #sachin_kumar_
🔹 State: 🟢 Resolved
🔹 Disclosed: November 30, 2022, 7:31pm (UTC)

Bugpoint

30 Nov, 18:43

398

If the website does not impose additional defense against CSRF attacks, failing to use the 'Lax' or 'Strict' values could increase the risk of exposur

👉 https://hackerone.com/reports/1707680

🔹 Severity: Low
🔹 Reported To: Yelp
🔹 Reported By: #shubhangirathore836
🔹 State: 🔴 N/A
🔹 Disclosed: November 30, 2022, 3:15pm (UTC)

Bugpoint

30 Nov, 02:52

408

Stored XSS Payload when sending videos

👉 https://hackerone.com/reports/1536046

🔹 Severity: Low | 💰 500 USD
🔹 Reported To: TikTok
🔹 Reported By: #aidilarf_2000
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 9:30pm (UTC)

Bugpoint

29 Nov, 19:22

469

Any organization's assets pending review can be downloaded

👉 https://hackerone.com/reports/1787644

🔹 Severity: High
🔹 Reported To: HackerOne
🔹 Reported By: #jobert
🔹 State: 🟢 Resolved
🔹 Disclosed: November 29, 2022, 6:36pm (UTC)