Unauthorized Canceling/Unsubscribe TaxJar account & Payment information DIsclosure
Stripe disclosed a bug submitted by mr_asg: https://hackerone.com/reports/1679124 - Bounty: $500 [Source]
[Broken Access Control ] Unauthorized Linking accounts & Linked Accounts info DIsclosure
Stripe disclosed a bug submitted by mr_asg: https://hackerone.com/reports/1672614 - Bounty: $250 [Source]
Missing length validation of user displayname allows to generate an SQL error
Nextcloud disclosed a bug submitted by errorx404: https://hackerone.com/reports/1588562 [Source]
How policymakers helped expand the adoption of bug bounty programs in 2022
Thanks to lawmakers, 2022 was one of the best years ever for the advancement, validation, and growth of the bug bounty and crowdsourced security industry. As we look back over the cybersecurity developments in 2022, we see a year where bug bounty programs and vulnerability disclosure policies (VDP) were increasingly...