Security reports

Security reports by Rbcafe.

Hackerone

#410087 Expose user IP if TOR crashs
#000000 Dept Of Defense bug
#000000 Mail.ru related bug
#000000 Starbucks related bug
#000000 Starbucks related bug
#330721 Expose relay IP in the debug (The source is different from the rendering)
#378209 Ajouter le même utilisateur que celui déjà inscrit dans les équipes
#217430 [connect.teavana.com] Open Redirect and abuse of connect.teavana.com
#227663 [https://www.dashlane.com] Test Panel Disclosure
#000000 Twitter related bug
#219197 [****************.gnip.com] .htpasswd
#198773 Drone Nextcloud
#201948 Disclosure of information on static.dl.mail.ru
#201489 Wordpress 4.7.1
#198673 HTTP-Basic Authentication on logs.nextcloud.com
#198012 Disclosure of administrators via JSON on nextcloud.com WordPress
#000000 Marktplaats related bug
#000000 Spotify related bug
#000000 Quora related bug
#173175 Obtain the username & the uid of the one doing the S3 sync on Hackerone

Bugcrowd

https://bugcrowd.com/Rbcafe

Bugcrowd Hall Of Fame

Bugcrowd Hall Of Fame

Bountyfactory

Bountyfactory

GEN [04/3200]

https://bountyfactory.io/ranking/

CCM

CCM [02/87]

https://bountyfactory.io/ccm-benchmark-group/ccm-net-ccm-benchmark-group

Outscale

OUTSCALE [02/17]

https://bountyfactory.io/outscale/outscale-cockpit-bug-bounty-program

OVH

OVH [03/108]

https://bountyfactory.io/ovh/ovh/

Apple

https://support.apple.com/fr-fr/HT201536

2017-05-12 webcast.apple.com

A server configuration issue was addressed. We would like to acknowledge Rbcafe (rbcafe.com) and an anonymous researcher for reporting this issue.