Public Pushwoosh bug reports.

Team Bounty Title
Pushwoosh - Clickjacking
Pushwoosh - Publicy accessible IDRAC instance at api-m.inapp.pushwoosh.com
Pushwoosh - Read Application Name , Subscribers Count
Pushwoosh - Nginx version disclosure via response header
Pushwoosh - Administrator Access To Management Console
Pushwoosh - Bypass the resend limit in Send Invites
Pushwoosh - Password Forgot/Password Reset Request Bug
Pushwoosh - Unsecured Grafana instance
Pushwoosh - Spam Some one using (user.saveInvite) system
Pushwoosh - Nginx server version disclosure
Pushwoosh - Reflected Xss on
Pushwoosh - htaccess file is accesible
Pushwoosh - Spoof Email with Hyperlink Injection via Invites functionality
Pushwoosh - Cross-Site Scripting Stored On Rich Media
Pushwoosh - Stored XSS in Filters