Public Mobile Vikings bug reports.

Team Bounty Title
Mobile Vikings - XSS Vulnerability on all pages
Mobile Vikings - Approve topup method by sender of this method
Mobile Vikings - Enum phone numbers thru /en/sims/topup/add/
Mobile Vikings - Username and sim id enum
Mobile Vikings - CSRF token from another valid user session accepted
Mobile Vikings - Stored xss in user name (2) affected another user.
Mobile Vikings - Stored xss in user name
Mobile Vikings - Reflected xss in user name thru cookie
Mobile Vikings - Number, username and name disclosure
Mobile Vikings - Stored XSS in Direct debit name
Mobile Vikings - Insecure crossdomain.xml