Commit 22acac7

committed
update
1 parent f13a634 commit 22acac7

61 files changed

+11026
-10867
lines changed

data.csv

Lines changed: 882 additions & 805 deletions
Large diffs are not rendered by default.

tops_100/TOP100PAID.md

Lines changed: 80 additions & 80 deletions
Large diffs are not rendered by default.

tops_100/TOP100UPVOTED.md

Lines changed: 67 additions & 67 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPACCOUNTTAKEOVER.md

Lines changed: 143 additions & 142 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAPI.md

Lines changed: 225 additions & 223 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAUTH.md

Lines changed: 225 additions & 223 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPAUTHORIZATION.md

Lines changed: 597 additions & 591 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPBUSINESSLOGIC.md

Lines changed: 155 additions & 154 deletions
Large diffs are not rendered by default.

tops_by_bug_type/TOPCLICKJACKING.md

Lines changed: 10 additions & 10 deletions
@@ -12,8 +12,8 @@ Top Clickjacking reports from HackerOne:
1212
10. [URL is vulnerable to clickjacking https://app.passit.io/](https://hackerone.com/reports/530008) to Passit - 28 upvotes, $0
1313
11. [Clickjacking Vulnerability Can Leads To Delete Developer APP](https://hackerone.com/reports/1416612) to TikTok - 23 upvotes, $500
1414
12. [Clickjacking at ylands.com](https://hackerone.com/reports/405342) to BOHEMIA INTERACTIVE a.s. - 19 upvotes, $80
15-
13. [Clickjacking in [exchangemarketplace.com]](https://hackerone.com/reports/658217) to Shopify - 17 upvotes, $0
16-
14. [Clickjacking in the admin page](https://hackerone.com/reports/728004) to Rocket.Chat - 17 upvotes, $0
15+
13. [Clickjacking in the admin page](https://hackerone.com/reports/728004) to Rocket.Chat - 18 upvotes, $0
16+
14. [Clickjacking in [exchangemarketplace.com]](https://hackerone.com/reports/658217) to Shopify - 17 upvotes, $0
1717
15. [Clickjacking at join.nordvpn.com](https://hackerone.com/reports/765955) to Nord Security - 17 upvotes, $0
1818
16. [CRITICAL-CLICKJACKING at Yelp Reservations Resulting in exposure of victim Private Data (Email info) + Victim Credit Card MissUse. ](https://hackerone.com/reports/355859) to Yelp - 17 upvotes, $0
1919
17. [Clickjacking In jobs.wordpress.net](https://hackerone.com/reports/223024) to WordPress - 16 upvotes, $0
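
Review bot: The moved row at new line 16, `[Clickjacking in [exchangemarketplace.com]](https://hackerone.com/reports/658217)`, carries unescaped square brackets inside the Markdown link label. Balanced brackets parse under CommonMark, but stricter or older renderers can cut the label short at the inner `]`, so the script that produces this file should escape them as `\[exchangemarketplace.com\]`. The swap itself is consistent with the 17 to 18 upvote change on the Rocket.Chat report, but rows 14 to 16 now all sit at 17 upvotes with no visible tie-break, so their relative order can shift between runs.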
@@ -61,14 +61,14 @@ Top Clickjacking reports from HackerOne:
6161
59. [Khan Academy ClickJacking to Steal Users's Credintials](https://hackerone.com/reports/639682) to Khan Academy - 6 upvotes, $0
6262
60. [Clickjacking Vulnerability via https://profile.my.games/gamecenter/profile/ can lead to sensitive cross site actions (Bypass X-Frame-Options)](https://hackerone.com/reports/974090) to Mail.ru - 6 upvotes, $0
6363
61. [Vulnerable for clickjacking attack](https://hackerone.com/reports/1188639) to Sifchain - 6 upvotes, $0
64-
62. [Click Jacking](https://hackerone.com/reports/163888) to Legal Robot - 5 upvotes, $0
65-
63. [Missing security headers, possible clickjacking](https://hackerone.com/reports/64645) to Legal Robot - 5 upvotes, $0
66-
64. [https://admin.corp.cuvva.co/ is vulnerable to Clickjacking attacks due to missing X-Frame-Options ](https://hackerone.com/reports/231434) to Cuvva - 5 upvotes, $0
67-
65. [Clickjacking docs.weblate.org](https://hackerone.com/reports/223391) to Weblate - 5 upvotes, $0
68-
66. [clickjacking on https://gratipay.com/on/npm/[text]](https://hackerone.com/reports/267189) to Gratipay - 5 upvotes, $0
69-
67. [ClickJacking on IMPORTANT Functions of Yelp](https://hackerone.com/reports/305128) to Yelp - 5 upvotes, $0
70-
68. [Clickjacking Vulnerability via https://www.donationalerts.com/help/support leads to bypass for widget.support.my.games X-Frame Options](https://hackerone.com/reports/1027192) to Mail.ru - 5 upvotes, $0
71-
69. [Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain](https://hackerone.com/reports/1221942) to Meredith - 5 upvotes, $0
64+
62. [Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain](https://hackerone.com/reports/1221942) to Meredith - 6 upvotes, $0
65+
63. [Click Jacking](https://hackerone.com/reports/163888) to Legal Robot - 5 upvotes, $0
66+
64. [Missing security headers, possible clickjacking](https://hackerone.com/reports/64645) to Legal Robot - 5 upvotes, $0
67+
65. [https://admin.corp.cuvva.co/ is vulnerable to Clickjacking attacks due to missing X-Frame-Options ](https://hackerone.com/reports/231434) to Cuvva - 5 upvotes, $0
68+
66. [Clickjacking docs.weblate.org](https://hackerone.com/reports/223391) to Weblate - 5 upvotes, $0
69+
67. [clickjacking on https://gratipay.com/on/npm/[text]](https://hackerone.com/reports/267189) to Gratipay - 5 upvotes, $0
70+
68. [ClickJacking on IMPORTANT Functions of Yelp](https://hackerone.com/reports/305128) to Yelp - 5 upvotes, $0
71+
69. [Clickjacking Vulnerability via https://www.donationalerts.com/help/support leads to bypass for widget.support.my.games X-Frame Options](https://hackerone.com/reports/1027192) to Mail.ru - 5 upvotes, $0
7272
70. [ClickJacking on http://au.launch.yahoo.com](https://hackerone.com/reports/1229) to Yahoo! - 4 upvotes, $0
7373
71. [Clickjacking: X-Frame-Options header missing](https://hackerone.com/reports/163646) to Legal Robot - 4 upvotes, $0
7474
72. [Clickjacking In https://demo.nextcloud.com](https://hackerone.com/reports/222762) to Nextcloud - 4 upvotes, $0
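
Review bot: A single upvote change on the Meredith report (5 to 6, old row 69 to new row 62) rewrites eight rows in this hunk, because every item carries a hard-coded ordinal and rows 62 to 68 are renumbered to 63 to 69 with otherwise identical text. Emitting every item as `1.` and letting Markdown number the list would shrink this to a one-row move and make real data changes easier to spot in review. The new row 62 is also placed after the existing 6-upvote rows 59 to 61, so a stated secondary sort key (report id, for example) would keep ties stable, and the commit message `update` gives no snapshot date for the counts.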

tops_by_bug_type/TOPCSRF.md

Lines changed: 306 additions & 303 deletions
Large diffs are not rendered by default.
