Dark C0d3rs

Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2025-04-06
Full Version: HackerOne Disclosed Reports - 2025-04-06
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

hashXploiter

04-07-2025, 06:00 PM
Logo
Medium
resolved

Information disclouser from URL parameter "access" lead to Account Takeover


Bug reported by Jovan was disclosed at April 7, 2025, 10:32 am   |   Information Disclosure

The vulnerability allowed disclosure of sensitive information, such as JWT tokens, from URL parameters. These tokens could be used to gain unauthorized access to user accounts.


Logo
Low
resolved

Disclosure of git metadata and springboot actuator information


Bug reported by Juan Felipe Osorio Z was disclosed at April 7, 2025, 8:38 am   |   Information Disclosure

The vulnerability involved the disclosure of git metadata and Springboot actuator information, which was responsibly disclosed and addressed through collaboration with the hacker.


Dark C0d3rs > Exploit Log > Research Papers/Vulnerability reports > HackerOne Disclosed Reports - 2025-04-06