Alienvault_security


reports in last 90 days

15

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium SSRF bypass #2 (using octal encoding) on the https://www.threatcrowd.org/domain.php

Server-Side Request Forgery (SSRF) sp1d3rs Time to triage: 0 Days and 21 hours


Time to close: 0 Days and 20 hours
Resolved

Medium SSRF bypass for https://hackerone.com/reports/285380 (query AWS instance)

Server-Side Request Forgery (SSRF) sp1d3rs Time to triage: 1 Days and 1 hours


Time to close: 0 Days and 21 hours
Resolved

High DNS pinning SSRF

Server-Side Request Forgery (SSRF) cujanovic Time to triage: 1 Days and 3 hours


Time to close: 65 Days and 5 hours
Resolved

Medium SSRF bypass #2 (using octal encoding) on the https://www.threatcrowd.org/domain.php

Server-Side Request Forgery (SSRF) sp1d3rs Time to triage: 0 Days and 21 hours


Time to close: 0 Days and 20 hours
Resolved

Medium SSRF bypass for https://hackerone.com/reports/285380 (query AWS instance)

Server-Side Request Forgery (SSRF) sp1d3rs Time to triage: 1 Days and 1 hours


Time to close: 0 Days and 21 hours
Resolved

High Server Side Request Forgery protection bypass № 2

Server-Side Request Forgery (SSRF) e3xpl0it Time to triage: 0 Days and 2 hours


Time to close: 0 Days and 20 hours
Resolved

Medium DNS pinning SSRF bypass

Server-Side Request Forgery (SSRF) cujanovic Time to triage: 1 Days and 0 hours


Time to close: 5 Days and 22 hours
Resolved

High Puplic .htaccess/.htpasswd/.canvas files leads to password disclosure.

Password in Configuration File kendoclaw Time to triage: 5 Days and 14 hours


Time to close: 0 Days and 0 hours
Resolved

Medium [www.threatcrowd.org] Reflected XSS Bypass

Cross-site Scripting (XSS) - Reflected zee_shan Time to triage: 0 Days and 1 hours


Time to close: 4 Days and 22 hours
Resolved

Critical [www.threatcrowd.org] - SSRF : AWS private key disclosure

Information Disclosure ramsexy Time to triage: 0 Days and 18 hours


Time to close: 4 Days and 1 hours
Resolved

Critical SSRF protection bypass

Server-Side Request Forgery (SSRF) ramsexy Time to triage: 0 Days and 1 hours


Time to close: 0 Days and 21 hours
Resolved

Medium [www.threatcrowd.org] - reflected XSS

Cross-site Scripting (XSS) - Reflected ramsexy Time to triage: 0 Days and 11 hours


Time to close: 4 Days and 6 hours
Resolved

Medium [www.threatcrowd.org] - reflected XSS in graphViewMap.php

Cross-site Scripting (XSS) - Reflected ramsexy Time to triage: 0 Days and 7 hours


Time to close: 4 Days and 5 hours
Resolved

Medium [www.threatcrowd.org] - reflected XSS in report.php

Cross-site Scripting (XSS) - Reflected ramsexy Time to triage: 0 Days and 7 hours


Time to close: 4 Days and 6 hours
Resolved

High DOM Based XSS in https://threatcrowd.org

Cross-site Scripting (XSS) - DOM ducnt_ Issue was not triaged


Time to close: 2 Days and 14 hours
Duplicate

Critical SQL Injection in AlienVault Product Forums

SQL Injection hussain_0x3c Issue was not triaged


Time to close: 0 Days and 17 hours
Resolved