Quora


reports in last 90 days

6

disclosed resolved issues

2

disclosed informative issues

1

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium [Quora Android] Possible to steal arbitrary files from mobile device

Information Disclosure bagipro Time to triage: 1 Days and 6 hours


Time to close: 19 Days and 13 hours
Resolved

Low XSS through `__e2e_action_id` delivered by JSONP

Cross-site Scripting (XSS) - Reflected 0xnan Time to triage: 6 Days and 23 hours


Time to close: 6 Days and 20 hours
Resolved

Low XSS when clicking "Share to Twitter" at quora.com/widgets/embed_iframe?path=...

Cross-site Scripting (XSS) - Generic stefanofinding Time to triage: 69 Days and 9 hours


Time to close: 76 Days and 4 hours
Resolved

Medium IDNs displayed in unicode

Violation of Secure Design Principles hk755a Issue was not triaged


Time to close: 35 Days and 0 hours
Informative

Medium [Quora Android] Possible to steal arbitrary files from mobile device

Information Disclosure bagipro Time to triage: 1 Days and 6 hours


Time to close: 19 Days and 13 hours
Resolved

Medium Possibility of DOS Through logging System

None supplied imran-parray Issue was not triaged


Time to close: 0 Days and 16 hours
Informative

Medium self xss in

Cross-site Scripting (XSS) - Generic panther Issue was not triaged


Time to close: 3 Days and 4 hours
Not-applicable

Low [Android] XSS via start ContentActivity

Cross-site Scripting (XSS) - Generic bobrov Time to triage: 28 Days and 18 hours


Time to close: 58 Days and 0 hours
Resolved

Medium [controlsyou.quora.com] 429 Too Many Requests Error-Page XSS

Cross-site Scripting (XSS) - Generic bobrov Time to triage: 27 Days and 22 hours


Time to close: 31 Days and 23 hours
Resolved