User Profile

Me

cablej

About

No information has been set by the researcher

Personal website:
lightningsecurity.io/blog

Recognised by

None listed.

cablej's Recent Activity

View cablej's statistics

Incomplete fix for #181225 (target=_blank vulnerability)

Disclosed by cablej on Paragonie on 2018-04-20

Stored CSS Injection

Disclosed by cablej on Coinbase on 2018-04-02

IDOR exposes receipts of all users.

Disclosed by cablej on Recargapay on 2018-01-10

Password reset link injection allows redirect to malicious URL

Disclosed by cablej on Mavenlink on 2017-12-13

Race Condition in account survey

Disclosed by cablej on Slack on 2017-11-12

Race Condition in Definition Votes

Disclosed by cablej on Urbandictionary on 2017-10-29

Race Condition in Article "Helpful" Indicator

Disclosed by cablej on Zendesk on 2017-10-16

SSRF via webhook

Disclosed by cablej on Mixmax on 2017-07-18

Information disclosure of user by email using buy widget

Disclosed by cablej on Coinbase on 2016-11-16

Denial of Service through set_preference.json

Disclosed by cablej on Keybase on 2016-10-07

Issues with uploading list images

Disclosed by cablej on Instacart on 2016-09-26

Brute force login and bypass locked account restrictions via iOS app

Disclosed by cablej on Instacart on 2016-09-19

API OAuth Public Key disclosure in mobile app

Disclosed by cablej on Instacart on 2016-09-15

Race Condition in Redeeming Coupons

Disclosed by cablej on Instacart on 2016-09-12

User Information sent to client through websockets

Disclosed by cablej on Legalrobot on 2016-09-12

User Information leak allows user to bypass email verification.

Disclosed by cablej on Legalrobot on 2016-09-12

Websites opened from reports can change url of report page

Disclosed by cablej on Hackerone on 2016-04-21

Race condition allowing user to review app multiple times

Disclosed by cablej on Coinbase on 2016-01-14