Public bug reports.

Team Bounty Title $75 Cross site scripting $50 CJ vulnerability in subdomain $250 Full takeover of some sub domains - XSS - HTML injection via 'underlying' parameter $75 Cookie bug $50 Email Verification Link can be Used as Password Reset Link! $300 login to any user's cashier account and full account information disclosure - User Enumeration : Due to rate limiting on registration $75 Http Response Splitting - Validate link $50 Cross Site Scripting