| CSRF + Open Redirect To Account Takeover |
|
|
|
| An unreproducable bug due to the load balancer, an unusual Open Redirect bug |
|
|
|
| Bug Bounty Experience: Unvalidated Redirection Vulnerability |
|
|
|
| Don’t stop at one bug $$$$ |
|
|
|
| How i got 200$ with an out of the box open redirect vulnerability |
|
|
|
| How I Bypassed open redirect and i have get reward from yandex |
|
|
|
| Weak Cryptography Leads To Open Redirect |
|
|
|
| DOM based open redirect to the leak of a JWT token |
|
|
|
| Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts |
|
|
|
| Strange Redirect (Fixed but no bounty) |
|
|
|
| 1st Bug Bounty Write-Up — Open Redirect Vulnerability on Login Page |
|
|
|
| How I Earned $1750 at Shopify Bug Bounty Program |
|
|
|
| Open-redirect Vulnerability on Facebook |
|
|
|
| CVE-2019-18426 - WhatsApp Vulnerabilities Disclosure - Open Redirect + CSP Bypass + Persistent XSS + FS read permissions + potential for RCE |
|
|
|
| Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access |
|
|
|
| Hunting Good Bugs with only <HTML> |
|
|
|
| Account takeover via HTTP Request Smuggling |
|
|
|
| From POST to GET Open redirect |
|
|
|
| CORS Misconfiguration to Account TakeOver [Out of scope to grab items In-Scope] |
|
|
|
| Download this tool and you win |
|
|
|
| OnePlus Open/Unvalidated Redirects & Forwards |
|
|
|
| Bug or Feature? GitHub Adventure #001 |
|
|
|
| Business ID leak via Creative Hub redirect |
|
|
|
| How does my recon win $250 in 15 minutes |
|
|
|
| How i was able to exploit the same endpoint 2 times ( multiple xss & open Redirection on 10 subdomain) |
|
|
|
writeups.xyz
/
Open Redirect