Public Trello bug reports

4,419 Bug Reports - $2,030,173 Paid Out
Last Updated: 12th September, 2017
| Team | Bounty | Title |
| --- | --- | --- |
| Trello | $128 | A CRLF injection into the redirect URL of https://trello.com/1/authorize can be used to cause a denial of service when later redirected to |
| Trello | - | Unpatched (https://hackerone.com/reports/221928): Unvalidated File Upload to XSS on trello-attachment Bucket |
| Trello | - | API flaw |
| Trello | - | XML entity expansion using SVG file |
| Trello | $256 | Cross-Site Scripting on Trello's iPhone App |
| Trello | $128 | Malicious file can be hidden as Card Attachment or Card Cover image |
| Trello | $768 | Rate limiting of incorrect Two Factor Authentication codes not enforced |
| Trello | - | Phone verification code fails to expire and can be used multiple times, also in different accounts, to verify the same cellphone number on Trello.com |
| Trello | - | Email authentication token fails to expire and can be used multiple times for the same Email address on Trello.com |
| Trello | - | Exporting JSON of other Boards |
| Trello | - | The contact page is vulnerable to self-XSS via upload file name |
| Trello | - | SVG Uploads / Attachments can be viewed by anyone that knows the URL |
| Trello | $2,048 | Stealing power-up private tokens (Trello, Twitter, GitHub...) |
| Trello | $256 | Can run arbitrary script on em.trello.com |
| Trello | $128 | XSS on blog.trello.com |
| Trello | $128 | Full Sub Domain Takeover at help.trello.com |
| Trello | - | Unvalidated/Open Redirect allowing attackers to implement phishing attack |
| Trello | - | Subdomain Takeover & username enumeration |
| Trello | $128 | SSRF in account webhook (through API) |
| Trello | - | Security code not getting invalidated on requesting a new one |
| Trello | $1,024 | File access using ImageTragick |
| Trello | - | XSS and Open Redirect via SVG |
| Trello | - | Verification Code Reused For activating 2FA |
| Trello | - | Sending Unlimited Mails To Anybody With Easy Social Share Buttons Plugin |
| Trello | - | Report bug on Jetpack plugin |
| Trello | - | XSS in Jetpack plugin |
| Trello | $128 | XSS in Jetpack Plugin |
| Trello | - | Error Page Text Injection |
| Trello | $128 | Cross-site scripting in blog.trello.com |
| Trello | $1,536 | Payment information is sent to the webhook when a team changes its visibility |
| Trello | $1,024 | If a team is public, the web socket receives data about the Team's visible boards |
| Trello | $768 | Using WebSocket I can always access organization data even if I am removed |
| Trello | $1,152 | DOM-based XSS via Wistia embedding |
| Trello | $128 | CSV Injection |
| Trello | $256 | Normal User can add new users to group |
| Trello | $128 | [blog.trello.com] CRLF Injection |
| Trello | $64 | [trello.com] Open Redirect |