Vend


reports in last 90 days

2

disclosed resolved issues

0

disclosed informative issues

0

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

Medium Race Condition : Exploiting the loyalty claim https://xxx.vendhq.com/loyalty/claim/email/xxxxx url and gain x amount of loyalty bonus/cash

Violation of Secure Design Principles stok Time to triage: 0 Days and 18 hours


Time to close: 23 Days and 20 hours
Resolved

Medium Improper access control on adding a Register to an Outlet

Insecure Direct Object Reference (IDOR) al88nsk Time to triage: 31 Days and 13 hours


Time to close: 3 Days and 20 hours
Resolved