bug-bounty528
xss284
rce158
google121
bragging-post120
exploit100
account-takeover99
open-source91
microsoft87
csrf78
facebook78
privilege-escalation76
authentication-bypass75
cve72
stored-xss72
malware68
access-control65
ai-agents63
reflected-xss61
writeup56
ssrf53
input-validation53
web-security53
sql-injection49
cross-site-scripting48
smart-contract46
tool46
defi45
ethereum45
privacy44
web-application43
apple43
phishing42
cloudflare41
browser40
information-disclosure39
dos38
web337
llm37
responsible-disclosure37
lfi36
burp-suite35
opinion35
api-security35
oauth34
automation34
vulnerability-disclosure34
reverse-engineering34
idor32
machine-learning32
0
6/10
bug-bounty
A bug bounty writeup covering three reflected XSS vulnerabilities discovered on a Synack program: one via JavaScript protocol in a referrer header parameter, one via password-check parameter bypass in account details modification, and one via insufficient input filtering in an email recovery parameter.
xss
reflected-xss
bug-bounty
web-application
input-validation
payload-injection
dom-based
csrf
url-redirection
javascript-protocol
Gaurav Narwani
Synack
burp