Commit 7c677a2

committed
update
1 parent f581b4b commit 7c677a2

59 files changed, with 11163 additions and 11048 deletions.

data.csv

Lines changed: 1102 additions & 1053 deletions
Large diffs are not rendered by default.

tops_100/TOP100PAID.md

Lines changed: 52 additions & 52 deletions

tops_100/TOP100UPVOTED.md

Lines changed: 50 additions & 50 deletions

tops_by_bug_type/TOPACCOUNTTAKEOVER.md

Lines changed: 79 additions & 79 deletions

tops_by_bug_type/TOPAPI.md

Lines changed: 212 additions & 211 deletions

tops_by_bug_type/TOPAUTH.md

Lines changed: 251 additions & 250 deletions

tops_by_bug_type/TOPAUTHORIZATION.md

Lines changed: 642 additions & 633 deletions

tops_by_bug_type/TOPBUSINESSLOGIC.md

Lines changed: 54 additions & 54 deletions

tops_by_bug_type/TOPCLICKJACKING.md

Lines changed: 35 additions & 35 deletions
@@ -54,14 +54,14 @@ Top Clickjacking reports from HackerOne:
5454
52. [Clickjacking on my.stripo.email for MailChimp credentials ](https://hackerone.com/reports/737625) to Stripo Inc - 7 upvotes, $0
5555
53. [Clickjacking misconfiguration bug](https://hackerone.com/reports/1176104) to Sifchain - 7 upvotes, $0
5656
54. [Clickjacking to change email address](https://hackerone.com/reports/783191) to Gener8 - 7 upvotes, $0
57-
55. [Clickjacking Vulnerability In Whole Page Ads Tiktok](https://hackerone.com/reports/1418857) to TikTok - 6 upvotes, $500
58-
56. [Found clickjacking vulnerability](https://hackerone.com/reports/119828) to LeaseWeb - 6 upvotes, $0
59-
57. [Account takeover vulnerability by editor role privileged users/attackers via clickjacking](https://hackerone.com/reports/388254) to WordPress - 6 upvotes, $0
60-
58. [Clickjacking lead to remove review](https://hackerone.com/reports/965141) to Yelp - 6 upvotes, $0
61-
59. [Khan Academy ClickJacking to Steal Users's Credintials](https://hackerone.com/reports/639682) to Khan Academy - 6 upvotes, $0
62-
60. [Clickjacking Vulnerability via https://profile.my.games/gamecenter/profile/ can lead to sensitive cross site actions (Bypass X-Frame-Options)](https://hackerone.com/reports/974090) to Mail.ru - 6 upvotes, $0
63-
61. [Vulnerable for clickjacking attack](https://hackerone.com/reports/1188639) to Sifchain - 6 upvotes, $0
64-
62. [Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain](https://hackerone.com/reports/1221942) to Meredith - 6 upvotes, $0
57+
55. [Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain](https://hackerone.com/reports/1221942) to Meredith - 7 upvotes, $0
58+
56. [Clickjacking Vulnerability In Whole Page Ads Tiktok](https://hackerone.com/reports/1418857) to TikTok - 6 upvotes, $500
59+
57. [Found clickjacking vulnerability](https://hackerone.com/reports/119828) to LeaseWeb - 6 upvotes, $0
60+
58. [Account takeover vulnerability by editor role privileged users/attackers via clickjacking](https://hackerone.com/reports/388254) to WordPress - 6 upvotes, $0
61+
59. [Clickjacking lead to remove review](https://hackerone.com/reports/965141) to Yelp - 6 upvotes, $0
62+
60. [Khan Academy ClickJacking to Steal Users's Credintials](https://hackerone.com/reports/639682) to Khan Academy - 6 upvotes, $0
63+
61. [Clickjacking Vulnerability via https://profile.my.games/gamecenter/profile/ can lead to sensitive cross site actions (Bypass X-Frame-Options)](https://hackerone.com/reports/974090) to Mail.ru - 6 upvotes, $0
64+
62. [Vulnerable for clickjacking attack](https://hackerone.com/reports/1188639) to Sifchain - 6 upvotes, $0
6565
63. [ClickJacking on http://au.launch.yahoo.com](https://hackerone.com/reports/1229) to Yahoo! - 5 upvotes, $0
6666
64. [Click Jacking](https://hackerone.com/reports/163888) to Legal Robot - 5 upvotes, $0
6767
65. [Missing security headers, possible clickjacking](https://hackerone.com/reports/64645) to Legal Robot - 5 upvotes, $0
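
Review bot: The hard-coded ordinals at 55 to 62 turn a single data change into an eight-line rewrite. The only entry whose data differs is report 1221942 (6 to 7 upvotes, old position 62, new position 55); the other seven lines change nothing but their number. Consider emitting every item as `1.` and letting the Markdown renderer number the list, so a refresh of the upvote counts shows up in review as one moved line. The commit message "update" also gives no hint that this is a regenerated ranking, which makes a 59-file change hard to audit; naming the data source and refresh date there would help.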
@@ -91,33 +91,33 @@ Top Clickjacking reports from HackerOne:
9191
89. [newrelic.com vulnerable to clickjacking !](https://hackerone.com/reports/123126) to New Relic - 2 upvotes, $0
9292
90. [ClickJacking on Debug](https://hackerone.com/reports/225555) to Weblate - 2 upvotes, $0
9393
91. [Clickjacking irclogs.wordpress.org](https://hackerone.com/reports/267075) to WordPress - 2 upvotes, $0
94-
92. [Click jacking in delete image of user in Yelp](https://hackerone.com/reports/201848) to Yelp - 2 upvotes, $0
95-
93. [URL is vulnerable to clickjacking](https://hackerone.com/reports/337219) to Zomato - 2 upvotes, $0
96-
94. [Clickjacking Vulnerability on https://support.my.com/games/ticket/xxxx/](https://hackerone.com/reports/357954) to Mail.ru - 2 upvotes, $0
97-
95. [Clickjacking in ops.cuvva.com](https://hackerone.com/reports/583624) to Cuvva - 2 upvotes, $0
98-
96. [Clickjacking](https://hackerone.com/reports/832593) to Kubernetes - 2 upvotes, $0
99-
97. [Site-wide clickjacking at IE11](https://hackerone.com/reports/614947) to New Relic - 2 upvotes, $0
100-
98. [ClickJacking](https://hackerone.com/reports/947690) to Acronis - 2 upvotes, $0
101-
99. [clickjacking at brew.sh](https://hackerone.com/reports/1245972) to Homebrew - 2 upvotes, $0
102-
100. [CLICKJACKING LEADS TO DEACTIVATE ACCOUNT](https://hackerone.com/reports/1301113) to UPchieve - 2 upvotes, $0
103-
101. [Clickjacking ar https://hackers.upchieve.org/login](https://hackerone.com/reports/1400405) to UPchieve - 2 upvotes, $0
104-
102. [Clickjacking](https://hackerone.com/reports/1206138) to Sifchain - 2 upvotes, $0
105-
103. [Clickjacking - changing role](https://hackerone.com/reports/7924) to Respondly - 1 upvotes, $0
106-
104. [ClickJacking](https://hackerone.com/reports/7862) to Localize - 1 upvotes, $0
107-
105. [Clicjacking on Login panel](https://hackerone.com/reports/8459) to Mail.ru - 1 upvotes, $0
108-
106. [Clickjacking at https://staging.uzbey.com/](https://hackerone.com/reports/17315) to Uzbey - 1 upvotes, $0
109-
107. [Clickjacking](https://hackerone.com/reports/21110) to Mavenlink - 1 upvotes, $0
110-
108. [Clickjacking: X-Frame-Options header missing](https://hackerone.com/reports/27594) to GlassWire - 1 upvotes, $0
111-
109. [clickjacking ](https://hackerone.com/reports/1207) to Yahoo! - 1 upvotes, $0
112-
110. [Clickjacking: X-Frame-Options header missing](https://hackerone.com/reports/129650) to APITest.IO - 1 upvotes, $0
113-
111. [Clickjacking in love.uber.com](https://hackerone.com/reports/137152) to Uber - 1 upvotes, $0
114-
112. [ClickJacking](https://hackerone.com/reports/183127) to OWOX, Inc. - 1 upvotes, $0
115-
113. [Clickjacking vulnerability in support-dashboard.corp.cuvva.co](https://hackerone.com/reports/231694) to Cuvva - 1 upvotes, $0
116-
114. [Clickjacking or URL Masking ](https://hackerone.com/reports/204198) to Brave Software - 1 upvotes, $0
117-
115. [clickjacking at http://mailboxes.legalrobot-uat.com/](https://hackerone.com/reports/165542) to Legal Robot - 1 upvotes, $0
118-
116. [aspen | clickjacking](https://hackerone.com/reports/272387) to Aspen - 1 upvotes, $0
119-
117. [ClickJacking ](https://hackerone.com/reports/179839) to Yelp - 1 upvotes, $0
120-
118. [Clickjacking: X-Frame Header Missing](https://hackerone.com/reports/168358) to Yelp - 1 upvotes, $0
94+
92. [Clickjacking: X-Frame Header Missing](https://hackerone.com/reports/168358) to Yelp - 2 upvotes, $0
95+
93. [Click jacking in delete image of user in Yelp](https://hackerone.com/reports/201848) to Yelp - 2 upvotes, $0
96+
94. [URL is vulnerable to clickjacking](https://hackerone.com/reports/337219) to Zomato - 2 upvotes, $0
97+
95. [Clickjacking Vulnerability on https://support.my.com/games/ticket/xxxx/](https://hackerone.com/reports/357954) to Mail.ru - 2 upvotes, $0
98+
96. [Clickjacking in ops.cuvva.com](https://hackerone.com/reports/583624) to Cuvva - 2 upvotes, $0
99+
97. [Clickjacking](https://hackerone.com/reports/832593) to Kubernetes - 2 upvotes, $0
100+
98. [Site-wide clickjacking at IE11](https://hackerone.com/reports/614947) to New Relic - 2 upvotes, $0
101+
99. [ClickJacking](https://hackerone.com/reports/947690) to Acronis - 2 upvotes, $0
102+
100. [clickjacking at brew.sh](https://hackerone.com/reports/1245972) to Homebrew - 2 upvotes, $0
103+
101. [CLICKJACKING LEADS TO DEACTIVATE ACCOUNT](https://hackerone.com/reports/1301113) to UPchieve - 2 upvotes, $0
104+
102. [Clickjacking ar https://hackers.upchieve.org/login](https://hackerone.com/reports/1400405) to UPchieve - 2 upvotes, $0
105+
103. [Clickjacking](https://hackerone.com/reports/1206138) to Sifchain - 2 upvotes, $0
106+
104. [Clickjacking - changing role](https://hackerone.com/reports/7924) to Respondly - 1 upvotes, $0
107+
105. [ClickJacking](https://hackerone.com/reports/7862) to Localize - 1 upvotes, $0
108+
106. [Clicjacking on Login panel](https://hackerone.com/reports/8459) to Mail.ru - 1 upvotes, $0
109+
107. [Clickjacking at https://staging.uzbey.com/](https://hackerone.com/reports/17315) to Uzbey - 1 upvotes, $0
110+
108. [Clickjacking](https://hackerone.com/reports/21110) to Mavenlink - 1 upvotes, $0
111+
109. [Clickjacking: X-Frame-Options header missing](https://hackerone.com/reports/27594) to GlassWire - 1 upvotes, $0
112+
110. [clickjacking ](https://hackerone.com/reports/1207) to Yahoo! - 1 upvotes, $0
113+
111. [Clickjacking: X-Frame-Options header missing](https://hackerone.com/reports/129650) to APITest.IO - 1 upvotes, $0
114+
112. [Clickjacking in love.uber.com](https://hackerone.com/reports/137152) to Uber - 1 upvotes, $0
115+
113. [ClickJacking](https://hackerone.com/reports/183127) to OWOX, Inc. - 1 upvotes, $0
116+
114. [Clickjacking vulnerability in support-dashboard.corp.cuvva.co](https://hackerone.com/reports/231694) to Cuvva - 1 upvotes, $0
117+
115. [Clickjacking or URL Masking ](https://hackerone.com/reports/204198) to Brave Software - 1 upvotes, $0
118+
116. [clickjacking at http://mailboxes.legalrobot-uat.com/](https://hackerone.com/reports/165542) to Legal Robot - 1 upvotes, $0
119+
117. [aspen | clickjacking](https://hackerone.com/reports/272387) to Aspen - 1 upvotes, $0
120+
118. [ClickJacking ](https://hackerone.com/reports/179839) to Yelp - 1 upvotes, $0
121121
119. [clickjacking to Semrush auth login](https://hackerone.com/reports/318295) to Semrush - 1 upvotes, $0
122122
120. [Clickjacking on https://download.nextcloud.com/](https://hackerone.com/reports/662155) to Nextcloud - 1 upvotes, $0
123123
121. [Clickjacking on https://download.nextcloud.com](https://hackerone.com/reports/658011) to Nextcloud - 1 upvotes, $0
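
Review bot: The tie-break order among equal-upvote entries is not documented, and the placement at new position 92 is hard to verify as a result. Report 168358 (1 to 2 upvotes) is inserted between reports 267075 and 201848, in the middle of the 2-upvote group that runs from 89 to 103, while 27 other lines are rewritten only to shift their ordinals. Stating the secondary sort key in the file header (or in the generator) would make the ordering reproducible. The generated text also reads "1 upvotes" on entries 104 to 121; the template should singularize the count of one.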
