+- Dark C0d3rs (https://darkcoders.wiki)
+-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log)
+--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports)
+--- Thread: HackerOne Disclosed Reports - 2025-08-25 (/Thread-HackerOne-Disclosed-Reports-2025-08-25)
HackerOne disclosed reports - 2025-08-25 - hashXploiter - 08-26-2025
Low
resolved
resolved
AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs
Bug reported by notnotnotveg was disclosed at August 25, 2025, 11:54 pm | Authentication Bypass Using an Alternate Path or Channel
High
resolved
resolved
Stored XSS in AREA tutorials
Bug reported by Ayush was disclosed at August 25, 2025, 12:39 pm | Cross-site Scripting (XSS) - Stored
A stored cross-site scripting (XSS) vulnerability was discovered in the AREA tutorials feature. The vulnerability could have allowed an attacker to inject malicious JavaScript code when publishing a tutorial. The vulnerability was reported and fixed by Autodesk.