漏洞报告
【Shopify 900刀】Shopify.com Web Cache Deception漏洞导致个人信息和CSRF令牌泄露
https://hackerone.com/reports/1087382
【Shopify 800刀】商店删除或未经身份验证出售
https://hackerone.com/reports/1271944
【Tiktok 4,500刀】Tiktok反射xss
https://hackerone.com/reports/1350887
【Slack 3,500刀】滥用群组功能允许工作区成员在没有被邀请的情况下加入私人频道
https://hackerone.com/reports/1248852
【Reddit 5,000刀】将 HEIF 转换为 PNG 时保留了 GPS 元数据
https://hackerone.com/reports/1069039
【Reddit 5,000刀】s3 bucket劫持
https://hackerone.com/reports/1285598
【Reddit 5,000刀】Deleting all DMs on RedditGifts.com
https://hackerone.com/reports/1213237
【Reddit 3,000刀】[dubmash] 缺乏授权检查 - 更新声音标题
https://hackerone.com/reports/1102365
【Reddit 500刀】Markdown 解析器中的哈希冲突拒绝服务漏洞
https://hackerone.com/reports/1341957
【Reddit 500刀】通过 DNS 劫持域名接管 Reddit.ru
https://hackerone.com/reports/1226891
【Reddit 500刀】 IDOR to pay less for coin purchases on oauth.reddit.com via /api/v2/gold/paypal/create_coin_purchase_order in order_id parameter
https://hackerone.com/reports/1213765
【Reddit 100刀】No Rate Limit on redditgifts gift when Adding Comment
https://hackerone.com/reports/1202408
