Public Moneybird bug reports.

Team Bounty Title
Moneybird $50 Stored XSS at Moneybird
Moneybird - Moneybird customers invoices leak in cacheable urls
Moneybird $50 Stored Cross Site Scripting in Customer Name
Moneybird - Webhook allows sending payload using insecure HTTP protocol
Moneybird $50 [Stored Cross-Site-Scripting] When search about Incoming ( Manual Jurnal )
Moneybird $25 Logging out any user
Moneybird $50 [STORED XSS] in debtor reports of ,,invoices''
Moneybird $50 Reflected XSS in Backend search
Moneybird $100 Employees with Any Permissions Can Create App with Full Permissions and Perform any API Action
Moneybird $25 information disclose
Moneybird $25 Content Spoofing In Moneybird
Moneybird $50 Open Redirect vulnerability in
Moneybird $50 Stored XSS in Financial Account executing in Bank tab
Moneybird $100 Malicious File Upload
Moneybird $150 XXE issue
Moneybird $25 Stored XSS thru SVG upload
Moneybird $50 CSV Injection with the CSV export feature