Public
Factlink
bug reports.
4,419
Bug Reports -
$2,030,173
Paid Out
Last Updated:
12th September, 2017
Team
Bounty
Title
Factlink
-
Frameset Proxy Problem
Factlink
-
File name/folder enumeration.
Factlink
-
XSS 01 on staging.fct.li
Factlink
-
Click-Jacking due to missing X-frame header
Factlink
-
Criptographic Issue: Strisct Transport Security with not good max age..(TOO SHORT!)
Factlink
-
Anonymous Proxy and IP leak
Factlink
-
Password reset link doesn't expire.
Factlink
-
Meta characters not filtered on signup
Factlink
-
Proxy service crash DoS
Factlink
-
X/Csrf token problem
Factlink
-
Session not expired on logout
Factlink
-
Sign up CSRF
Factlink
-
Password Complexity very low.
Factlink
-
Missing SPF for factlink.com and Staging.factlink.com
Factlink
-
Leaking of password reset token through referer
Factlink
-
Login CSRF using Twitter oauth
Factlink
-
Url Redirection
Factlink
-
HTML5 cross-origin resource sharing
Factlink
-
Click jacking
Factlink
-
Proxy discloses internal web servers