Skip to content

Commit 7ab4eff

Browse files
reddelexcreddelexc
committed
update
1 parent 7c677a2 commit 7ab4eff

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

57 files changed

+11728
-11601
lines changed

data.csv

Lines changed: 1100 additions & 1045 deletions
Large diffs are not rendered by default.

tops_100/TOP100PAID.md

Lines changed: 98 additions & 98 deletions
Large diffs are not rendered by default.

tops_100/TOP100UPVOTED.md

Lines changed: 73 additions & 73 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPACCOUNTTAKEOVER.md

Lines changed: 189 additions & 186 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAPI.md

Lines changed: 215 additions & 210 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAUTH.md

Lines changed: 244 additions & 243 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAUTHORIZATION.md

Lines changed: 612 additions & 609 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPBUSINESSLOGIC.md

Lines changed: 166 additions & 161 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPCLICKJACKING.md

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
Top Clickjacking reports from HackerOne:
22

3-
1. [RCE of Burp Scanner / Crawler via Clickjacking ](https://hackerone.com/reports/1274695) to PortSwigger Web Security - 162 upvotes, $3000
4-
2. [Twitter Periscope Clickjacking Vulnerability](https://hackerone.com/reports/591432) to X (Formerly Twitter) - 131 upvotes, $1120
3+
1. [RCE of Burp Scanner / Crawler via Clickjacking ](https://hackerone.com/reports/1274695) to PortSwigger Web Security - 163 upvotes, $3000
4+
2. [Twitter Periscope Clickjacking Vulnerability](https://hackerone.com/reports/591432) to X (Formerly Twitter) - 132 upvotes, $1120
55
3. [Highly wormable clickjacking in player card](https://hackerone.com/reports/85624) to X (Formerly Twitter) - 131 upvotes, $0
66
4. [Clickjacking on donation page](https://hackerone.com/reports/921709) to WordPress - 89 upvotes, $0
77
5. [Viral Direct Message Clickjacking via link truncation leading to capture of both Google credentials & installation of malicious 3rd party Twitter App](https://hackerone.com/reports/643274) to X (Formerly Twitter) - 64 upvotes, $0
@@ -10,8 +10,8 @@ Top Clickjacking reports from HackerOne:
1010
8. [Clickjacking vkpay](https://hackerone.com/reports/374817) to VK.com - 44 upvotes, $0
1111
9. [[api.tumblr.com] Exploiting clickjacking vulnerability to trigger self DOM-based XSS](https://hackerone.com/reports/953579) to Automattic - 30 upvotes, $0
1212
10. [URL is vulnerable to clickjacking https://app.passit.io/](https://hackerone.com/reports/530008) to Passit - 28 upvotes, $0
13-
11. [Clickjacking Vulnerability Can Leads To Delete Developer APP](https://hackerone.com/reports/1416612) to TikTok - 23 upvotes, $500
14-
12. [Clickjacking at ylands.com](https://hackerone.com/reports/405342) to BOHEMIA INTERACTIVE a.s. - 19 upvotes, $80
13+
11. [Clickjacking Vulnerability Can Leads To Delete Developer APP](https://hackerone.com/reports/1416612) to TikTok - 24 upvotes, $500
14+
12. [Clickjacking at ylands.com](https://hackerone.com/reports/405342) to BOHEMIA INTERACTIVE a.s. - 20 upvotes, $80
1515
13. [Clickjacking in the admin page](https://hackerone.com/reports/728004) to Rocket.Chat - 18 upvotes, $0
1616
14. [CRITICAL-CLICKJACKING at Yelp Reservations Resulting in exposure of victim Private Data (Email info) + Victim Credit Card MissUse. ](https://hackerone.com/reports/355859) to Yelp - 18 upvotes, $0
1717
15. [Clickjacking in [exchangemarketplace.com]](https://hackerone.com/reports/658217) to Shopify - 17 upvotes, $0
@@ -35,11 +35,11 @@ Top Clickjacking reports from HackerOne:
3535
33. [clickjacking в /lead_forms_app.php](https://hackerone.com/reports/294334) to VK.com - 11 upvotes, $0
3636
34. [Certificate warnings and similar UI elements in Web protection of Anti-Virus products family are susceptible to clickjacking](https://hackerone.com/reports/463695) to Kaspersky - 11 upvotes, $0
3737
35. [Clickjacking Vulnerability in sifchain.finance](https://hackerone.com/reports/1185949) to Sifchain - 11 upvotes, $0
38-
36. [Clickjacking Periscope.tv on Chrome](https://hackerone.com/reports/198622) to X (Formerly Twitter) - 10 upvotes, $560
39-
37. [Following links are vulnerable to clickjacking](https://hackerone.com/reports/289246) to Semrush - 10 upvotes, $0
40-
38. [Clickjacking URLS](https://hackerone.com/reports/1039805) to Nextcloud - 10 upvotes, $0
41-
39. [Reflected XSS through clickjacking at https://████](https://hackerone.com/reports/1149144) to U.S. Dept Of Defense - 10 upvotes, $0
42-
40. [OAuth authorization page vulnerable to clickjacking](https://hackerone.com/reports/65825) to Coinbase - 9 upvotes, $5000
38+
36. [OAuth authorization page vulnerable to clickjacking](https://hackerone.com/reports/65825) to Coinbase - 10 upvotes, $5000
39+
37. [Clickjacking Periscope.tv on Chrome](https://hackerone.com/reports/198622) to X (Formerly Twitter) - 10 upvotes, $560
40+
38. [Following links are vulnerable to clickjacking](https://hackerone.com/reports/289246) to Semrush - 10 upvotes, $0
41+
39. [Clickjacking URLS](https://hackerone.com/reports/1039805) to Nextcloud - 10 upvotes, $0
42+
40. [Reflected XSS through clickjacking at https://████](https://hackerone.com/reports/1149144) to U.S. Dept Of Defense - 10 upvotes, $0
4343
41. [Bypass of the Clickjacking protection on Flickr using data URL in iframes](https://hackerone.com/reports/7264) to Yahoo! - 9 upvotes, $0
4444
42. [Delete images of users with clickjacking in https://pw.mail.ru](https://hackerone.com/reports/675614) to Mail.ru - 9 upvotes, $0
4545
43. [Get ip and Geo location any user via Clickjacking with inspectlet technology](https://hackerone.com/reports/998555) to Acronis - 9 upvotes, $0

0 commit comments

Comments
 (0)