Public
CloudFlare
bug reports.
4,419
Bug Reports -
$2,030,173
Paid Out
Last Updated:
12th September, 2017
Team
Bounty
Title
CloudFlare
-
Cloudflare based XSS for IE11
CloudFlare
-
[http2.cloudflare.com] Open Redirect
CloudFlare
-
Reflected XSS on partners.cloudflare.com
CloudFlare
-
Clickjacking : https://partners.cloudflare.com/
CloudFlare
-
Apache mod_negotiation filename bruteforcing
CloudFlare
-
User can request for password reset link without giving his website, eventhough he have it
CloudFlare
-
CSRF and No password requirement in this URL Billing Info
CloudFlare
-
Password reset threshold not set
CloudFlare
-
Bug Report
CloudFlare
-
User's data leak
CloudFlare
-
Threat control information leak
CloudFlare
-
Security issue with your "bag" script
CloudFlare
-
Cookie missing the Secure flag
CloudFlare
-
Flash-based XSS in cdnjs.cloudflare.com subdomain
CloudFlare
-
System Status Update CSRF
CloudFlare
-
XSS - http://js.cloudflare.com
CloudFlare
-
Apache Multiviews are enabled
CloudFlare
-
csrf on password change functionality
CloudFlare
-
http://cdnjs.cloudflare.com/ Cross-site scripting 2
CloudFlare
-
Content spoofing /CSRF at https://www.cloudflare.com/ajax/modal-dialog.html
CloudFlare
-
jplayer.swf Cross-site scripting
CloudFlare
-
CSRF in Cloudflare login