Lob


reports in last 90 days

1

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

No rating Discloser of Internal Ip address

Information Disclosure ghostin Issue was not triaged


Time to close: 0 Days and 2 hours
Duplicate

High Blind SSRF/XSPA on dashboard.lob.com + blind code injection

Server-Side Request Forgery (SSRF) ninjatoy Issue was not triaged


Time to close: 0 Days and 8 hours
Duplicate

Critical Old WebKit HTML agent in Template Preview function has multiple known vulnerabilities leading to RCE

Use After Free ajxchapman Time to triage: 0 Days and 9 hours


Time to close: 3 Days and 5 hours
Resolved