Kaspersky


reports in last 90 days

9

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium MitM attacks on HSTS-protected hosts are possible

Man-in-the-Middle palant Time to triage: 0 Days and 0 hours


Time to close: 136 Days and 20 hours
Resolved

Low Stored credentials instantly autofilled within sandboxed iframes

Information Disclosure alesandroortiz Time to triage: 8 Days and 10 hours


Time to close: 45 Days and 8 hours
Resolved

Medium Certificate warnings and similar UI elements are susceptible to clickjacking

UI Redressing (Clickjacking) palant Time to triage: 0 Days and 3 hours


Time to close: 132 Days and 3 hours
Resolved

High Opening up a Universal XSS vulnerability in Microsoft Edge

Cross-site Scripting (XSS) - Generic palant Time to triage: 1 Days and 23 hours


Time to close: 130 Days and 18 hours
Resolved

Medium Kaspersky Password Manager: HTML injection in the browser action pop-up via user name

Cross-site Scripting (XSS) - Stored palant Time to triage: 0 Days and 1 hours


Time to close: 25 Days and 21 hours
Resolved

Medium test report

Heap Overflow rkhunter Time to triage: 0 Days and 0 hours


Time to close: 0 Days and 0 hours
Resolved

High Hard Coded username and password in registry

Use of Hard-coded Credentials bluedangerforyou Time to triage: 19 Days and 19 hours


Time to close: 80 Days and 19 hours
Resolved

Low Keys

Information Disclosure ashishag29 Issue was not triaged


Time to close: 96 Days and 18 hours
Resolved

Critical In App purchase Hack

Use of a Key Past its Expiration Date huntman Issue was not triaged


Time to close: 84 Days and 23 hours
Resolved