Hey, Bug bounty community!
Long time no updates, so here is a little story that you probably will find useful and maybe earn a bit money with this little trick.
A vulnerability I will talk about is not something new, it is a known behaviour for web developers. But not that many people considired it from security perspective and I never seen it being mentioned on any security paper, that’s why I decided to shed light on it.
So, we already should know what Open redirect is. For someone who doesn’t — it is when remote attacker can set arbitrary value as a redirect destination. …
Hello, community.
So, here I will share info about new critical vulnerability in Jira server. It was not originally found by me. 4 days ago at evening I found a security advisory which claimed that critical security hole existed in Jira. The very next morning I researched and had working exploit.
It wasn’t hard to find a working exploit since Atlassian shared almost all needed info in advisory. It said that “bulk email send“ and “contact Admin” functionalities were affected by server side template injection. “Bulk email send” was immediately discarded since it requires Admin priveledges to exploit. …
Hey. I want to share a cool and uncommon vulnerability I found in one of bug bounty programs.
Once I was testing an application, I suddenly decided to look into LocalStorage content. For those who are not familiar, LocalStorage is a key-value storage in browsers. It is not safe to use LocalStorage for storing a sensitive information, because it is always accessible from javascript. …