Harsh Bothra (@Harshbothra_)

Title	Vulnerabilities	Programs	Authors
4,500 of the Top 1 Million Websites Leaked Source Code, Secrets	Information Disclosure	Undisclosed	Truffle Security (@Trufflesec) Harsh Bothra (@Harshbothra_) Luke Stephens (@Hakluke)
Evading Filters to perform the Arbitrary URL Redirection Attack	Open Redirect	Undisclosed	Harsh Bothra (@Harshbothra_)
Accidental Observation to Critical IDOR	IDOR	Undisclosed	Harsh Bothra (@Harshbothra_)
Misconfigured S3 Bucket Access Controls to Critical Vulnerability	AWS Misconfiguration	Undisclosed	Harsh Bothra (@Harshbothra_)
Let’s Bypass CSRF Protection & Password Confirmation to Takeover Victim Accounts :D	CSRF	Undisclosed	Harsh Bothra (@Harshbothra_)
XSS to Database Credential Leakage & Database Access — Story of total luck!	Reflected XSS Information Disclosure	Undisclosed	Harsh Bothra (@Harshbothra_)
Weak Cryptography in Password Reset to Full Account Takeover	Account Takeover Password Reset Cryptographic Issues	Undisclosed	Harsh Bothra (@Harshbothra_)
Recon to Sensitive Information Disclosure in Minutes	Information Disclosure Outdated Component With a Known Vulnerability	Undisclosed	Harsh Bothra (@Harshbothra_)
From Recon to P1 (Critical) — An Easy Win	Exposed Registration Page	Undisclosed	Harsh Bothra (@Harshbothra_)

Page 1 of 1