Brave


reports in last 90 days

47

disclosed resolved issues

16

disclosed informative issues

3

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Time to triage | Time to close | Report Status |
|---|---|---|---|---|---|---|
| Medium | Stored XSS in localhost:* via integrated torrent downloader | Cross-site Scripting (XSS) - Stored | ryotak | 2d 8h | 0d 0h | Resolved |
| Low | Lack of quarantine meta-attribute for downloaded files leads to GateKeeper bypass | Violation of Secure Design Principles | metnew | 3d 12h | 31d 13h | Resolved |
| Low | Link obfuscation bug | Cryptographic Issues - Generic | padpao | Not triaged | 0d 17h | Informative |
| Medium | There is vulnerability Click Here TO fix | Brute Force | sonicnik | Not triaged | 0d 0h | Not-applicable |
| Low | Homograph Attack Bypass [ Tested on Linux & Windows ] | Violation of Secure Design Principles | apapedulimu | 1d 12h | 2d 9h | Resolved |
| Medium | Field Day With Protocol Handlers | None supplied | mushicious | Not triaged | 4d 18h | Resolved |
| Low | DMARC RECORD MISSING | None supplied | hackthedevil | Not triaged | 0d 12h | Resolved |
| Medium | Brave allows flash to follow 307 redirects to other origins with arbitrary content-types | Violation of Secure Design Principles | tvgfvghjbhunj | Not triaged | 1d 15h | Informative |
| High | chrome://brave can still be navigated to, leading to RCE | Code Injection | qab | 0d 12h | 7d 10h | Resolved |
| Critical | chrome://brave navigation from web | Code Injection | qab | 2d 20h | 3d 10h | Resolved |
| High | [Android] HTML Injection in BatterySaveArticleRenderer WebView | Cross-site Scripting (XSS) - Generic | bobrov | 4d 21h | 21d 17h | Resolved |
| High | RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context | None supplied | metnew | 0d 6h | 7d 10h | Resolved |
| Medium | Navigation to restricted origins via "Open in new tab" | None supplied | metnew | 1d 23h | 60d 2h | Resolved |
| Medium | URL spoofing in Brave for macOS | None supplied | metnew | 1d 2h | 63d 17h | Resolved |
| Medium | URL spoofing using protocol handlers | None supplied | metnew | 4d 8h | 65d 5h | Resolved |
| Low | `alert()` dialogs on `chrome-extension://` origin (internal pages) | None supplied | metnew | Not triaged | 25d 7h | Duplicate |
| Low | Cross-origin page stays focused before/after downloading + uninformative modal window for download | None supplied | metnew | 1d 3h | 51d 9h | Resolved |
| Low | `settingcontent-ms` files lack "mark of the web" => execute code by dbl click in Downloads toolbar | None supplied | metnew | Not triaged | 7d 2h | Informative |
| High | `chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"] | None supplied | metnew | 0d 16h | 18d 20h | Resolved |
| High | Local files reading from the "file://" origin through `brave://` | None supplied | metnew | Not triaged | 4d 20h | Resolved |
| High | Local files reading using `link[rel="import"]` | None supplied | metnew | 1d 1h | 31d 12h | Resolved |
| Critical | Sending arbitrary IPC messages via overriding Function.prototype.apply | Command Injection - Generic | masatokinugawa | 0d 3h | 0d 21h | Resolved |
| Low | DoS in Brave browser for iOS | Denial of Service | metnew | 10d 16h | 91d 0h | Resolved |
| Medium | Navigation to protocol handler URL from the opened page displayed as a request from this page. | None supplied | metnew | 2d 0h | 51d 10h | Resolved |

Times are given as days and hours (e.g. 2d 8h = 2 days and 8 hours). "Not triaged" means HackerOne recorded no triage step for the report before it was closed.