![]() |
|
HackerOne Disclosed Reports - 2026-07-15 - Printable Version +- Dark C0d3rs (https://darkcoders.wiki) +-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log) +--- Forum: Research Papers/Vulnerability reports (https://darkcoders.wiki/Forum-Research-Papers-Vulnerability-reports) +--- Thread: HackerOne Disclosed Reports - 2026-07-15 (/Thread-HackerOne-Disclosed-Reports-2026-07-15) |
HackerOne disclosed reports - 2026-07-15 - hashXploiter - 07-16-2026
Medium
resolved Stored XSS in Rocket.Chat HTML File Export — Unauthenticated Entry via LiveChatBug reported by Denis Rostilov was disclosed at July 16, 2026, 5:02 am | Cross-site Scripting (XSS) - Stored A vulnerability was discovered in the HTML file export feature of Rocket.Chat. The vulnerability allowed an attacker to inject arbitrary JavaScript code that would execute when the exported HTML file was opened. The root cause was that the application did not properly sanitize or escape user-supplied data before including it in the exported HTML. As a result, an unauthenticated attacker could leverage the vulnerability to perform actions such as data exfiltration and credential phishing.
Medium
resolved Able to bypass authorization logic and gain more access then intendedBug reported by v1c7 was disclosed at July 15, 2026, 4:35 pm | A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. The vulnerability was fixed in versions 3.21.2, 3.20.4, 3.19.8, 3.18.11, 3.17.17, and 3.16.20. This vulnerability was reported via the GitHub Bug Bounty program.
Medium
resolved Bedrock AgentCore Starter Toolkit Creates Gateway IAM Roles Without Confused Deputy ProtectionsBug reported by Sergio Garcia was disclosed at July 15, 2026, 3:11 pm | Incorrect Permission Assignment for Critical Resource The Bedrock AgentCore Starter Toolkit was found to create IAM roles for the AgentCore Gateway with trust policies that lacked certain condition keys. This enabled a cross-account confused deputy attack where any AgentCore workload in any AWS account could assume the victim's Gateway role. The role granted access to sensitive resources in the account, including secrets, KMS, Lambda, DynamoDB, and S3. |