Gocd


reports in last 90 days

8 disclosed resolved issues

0 disclosed informative issues

0 disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

| Severity | Bug Title | Bug Type | Found By | Report Info | Report Status |
|---|---|---|---|---|---|
| No rating | XSS in http://localhost:8153/go/admin/config/server/update | Cross-site Scripting (XSS) - Generic | pradeepch99 | Time to triage: 0 Days and 10 hours; Time to close: 44 Days and 15 hours | Resolved |
| No rating | Reflected XSS | Cross-site Scripting (XSS) - Generic | kiraak-boy | Issue was not triaged; Time to close: 8 Days and 16 hours | Duplicate |
| No rating | Cross Site Scripting | Cross-site Scripting (XSS) - Generic | kiraak-boy | Time to triage: 0 Days and 5 hours; Time to close: 2 Days and 18 hours | Resolved |
| No rating | Possible SSRF at URL Parameter while creating a new package repository | Information Disclosure | kiraak-boy | Issue was not triaged; Time to close: 0 Days and 6 hours | Resolved |
| Medium | Imperfect CSRF To Overwrite Server Config at /go/admin/restful/configuration/file/POST/xml | Cross-Site Request Forgery (CSRF) | 4cad | Issue was not triaged; Time to close: 12 Days and 13 hours | Resolved |
| High | Spring security configuration allows agent sessions to be hijacked | Improper Authentication - Generic | 4cad | Issue was not triaged; Time to close: 8 Days and 13 hours | Resolved |
| Medium | Reflected XSS vector | Cross-site Scripting (XSS) - Generic | creased | Issue was not triaged; Time to close: 52 Days and 9 hours | Resolved |
| No rating | Directory Listening | Information Disclosure | kiraak-boy | Time to triage: 8 Days and 13 hours; Time to close: 9 Days and 9 hours | Resolved |
| No rating | X-Content-Type-Options header missing at Auth Login | Violation of Secure Design Principles | kiraak-boy | Time to triage: 1 Days and 19 hours; Time to close: 0 Days and 20 hours | Resolved |