Public Envoy bug reports.

Team Bounty Title
Envoy - Primary Cloning of Envoy web application resulting confidential information disclosure
Envoy - Abuse of API can Lead to DoS
Envoy - Stored XSS
Envoy - XSS in "Guest Pre-Registration" page after registration
Envoy - Stored XSS in /settings/ipad Page
Envoy - [] Open Redirect
Envoy - Authentication Bypass
Envoy - Delete visitor from IPAD with fullname which contains JS results XSS
Envoy - Too much sensitive information in GET
Envoy - Stored XSS on adding locations
Envoy - Stored XSS on sign_up page