Public TTS Bug Bounty bug reports.
4,419 Bug Reports - $2,030,173 Paid Out
Last Updated: 12th September, 2017
| Team | Bounty | Title |
|---|---|---|
| TTS Bug Bounty | - | {REDACTED}.data.gov subdomain takeover. |
| TTS Bug Bounty | - | Email Spoofing - SPF record set to Neutral |
| TTS Bug Bounty | - | Email Spoofing - SPF record set to Neutral |
| TTS Bug Bounty | - | federalist.18f.gov vulnerable to Sweet32 attack |
| TTS Bug Bounty | - | Subdomain take-over of {REDACTED}.18f.gov |
| TTS Bug Bounty | $150 | The Federalist session cookie (federalist.sid) is not properly invalidated - backdoor access to the account is possible |
| TTS Bug Bounty | $150 | Race condition on the Federalist API endpoints can lead to the Denial of Service attack |
| TTS Bug Bounty | $350 | [IDOR] The authenticated user can restart website build or view build logs on any other Federalist account |
| TTS Bug Bounty | $300 | The user, who was deleted from Github Organization, still can access all functions of federalist, in case he didn't do logout |
| TTS Bug Bounty | $300 | Double Stored Cross-Site scripting in the admin panel |