Urbandictionary


reports in last 90 days

12

disclosed resolved issues

2

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Low Users able to set video url for unpublished words and able to see the name of unpublished words

Information Disclosure red_assassin Time to triage: 3 Days and 13 hours


Time to close: 0 Days and 0 hours
Resolved

No rating Domain does not Match SSL Certificate

Man-in-the-Middle kittiesscript Time to triage: 1 Days and 6 hours


Time to close: 0 Days and 0 hours
Informative

No rating Source Code Disclosure

Information Disclosure linkks Issue was not triaged


Time to close: 0 Days and 0 hours
Informative

Low See details of a unpublished word by guessing the word ID

Information Disclosure tyagiji Time to triage: 0 Days and 9 hours


Time to close: 5 Days and 14 hours
Resolved

Medium Stored XSS on urbandictionary.com

Cross-site Scripting (XSS) - Stored flex0geek Time to triage: 30 Days and 8 hours


Time to close: 1 Days and 14 hours
Resolved

No rating Race Condition in Definition Votes

None supplied cablej Time to triage: 138 Days and 22 hours


Time to close: 41 Days and 22 hours
Resolved

High Session replay vulnerability in www.urbandictionary.com

Insufficient Session Expiration tcpiplab Issue was not triaged


Time to close: 55 Days and 7 hours
Resolved

No rating Text injection on Auth problem at urbandictionary.com

Violation of Secure Design Principles ak1t4 Issue was not triaged


Time to close: 40 Days and 22 hours
Resolved

No rating Infinite Upvoting/Downvoting: Lockout Bypass, Plus: Exposed API Documentation

None supplied rchase Time to triage: 3 Days and 1 hours


Time to close: 16 Days and 22 hours
Resolved

No rating Cross-Site Scripting Vulnerability in urbandictionary.com

Cross-site Scripting (XSS) - Generic ishahriyar Time to triage: 23 Days and 8 hours


Time to close: 0 Days and 0 hours
Resolved

No rating URGENT - Subdomain Takeover in support.urbandictionary.com pointing to Zendesk

Code Injection harry_mg Issue was not triaged


Time to close: 0 Days and 3 hours
Resolved

No rating Reflective Xss Vulnerability

Cross-site Scripting (XSS) - Generic alyssa_herrera Time to triage: 0 Days and 4 hours


Time to close: 0 Days and 2 hours
Resolved

No rating Open URL Redirection

Open Redirect mafia Time to triage: 4 Days and 20 hours


Time to close: 0 Days and 3 hours
Resolved

No rating Open Redirection

Open Redirect atom Time to triage: 4 Days and 22 hours


Time to close: 0 Days and 2 hours
Resolved