SSRF Keycloak before 13.0.0 – CVE-2020-10770 on https://sponsoredata.mtn.ci MTN Group disclosed a bug submitted by renzi: https://hackerone.com/reports/1379080 [Source]
Able to see location coordinates in any event without permission to do so FetLife disclosed a bug submitted by ezzra: https://hackerone.com/reports/2610467 [Source]