TOPPARAGONINITIATIVEENTERPRISES.md

Top reports from Paragon Initiative Enterprises program at HackerOne:

1. BAD Code ! to Paragon Initiative Enterprises - 483 upvotes, $0
2. DMARC Not found for paragonie.com URGENT to Paragon Initiative Enterprises - 136 upvotes, $0
3. Subdomain Takeover to Paragon Initiative Enterprises - 67 upvotes, $0
4. I am because bug to Paragon Initiative Enterprises - 38 upvotes, $0
5. ssl info shown to Paragon Initiative Enterprises - 31 upvotes, $0
6. [Critical] billion dollars issue to Paragon Initiative Enterprises - 29 upvotes, $0
7. Stored Cross-Site-Scripting in CMS Airship's authors profiles to Paragon Initiative Enterprises - 23 upvotes, $50
8. Email Spoof to Paragon Initiative Enterprises - 16 upvotes, $0
9. Site support SNI But Browser can't to Paragon Initiative Enterprises - 15 upvotes, $0
10. Content-type sniffing leads to stored XSS in CMS Airship on Internet Explorer to Paragon Initiative Enterprises - 15 upvotes, $0
11. Spf to Paragon Initiative Enterprises - 14 upvotes, $0
12. Stored XSS using SVG to Paragon Initiative Enterprises - 12 upvotes, $50
13. Paragonie Airship Admin CSRF on Extensions Pages to Paragon Initiative Enterprises - 11 upvotes, $100
14. Full directory path listing to Paragon Initiative Enterprises - 10 upvotes, $0
15. Improper access control lead To delete anyone comment to Paragon Initiative Enterprises - 8 upvotes, $100
16. Directory Disclose,Email Disclose Zendmail vulnerability to Paragon Initiative Enterprises - 8 upvotes, $50
17. Stored XSS in comments to Paragon Initiative Enterprises - 6 upvotes, $25
18. [Airship CMS] Local File Inclusion - RST Parser to Paragon Initiative Enterprises - 6 upvotes, $0
19. Incorrect detection of onion URLs to Paragon Initiative Enterprises - 5 upvotes, $50
20. Session Management to Paragon Initiative Enterprises - 5 upvotes, $0
21. Issue with password reset functionality [Minor] to Paragon Initiative Enterprises - 5 upvotes, $0
22. Incomplete fix for #181225 (target=_blank vulnerability) to Paragon Initiative Enterprises - 5 upvotes, $0
23. Open-redirect on paragonie.com to Paragon Initiative Enterprises - 4 upvotes, $50
24. Cross-site-Scripting to Paragon Initiative Enterprises - 4 upvotes, $50
25. Invited user to a Author profile can remove the owner of that Author to Paragon Initiative Enterprises - 4 upvotes, $50
26. CSRF AT SUBSCRIBE TO LIST to Paragon Initiative Enterprises - 4 upvotes, $0
27. Broken Authentication & Session Management - Failure to Invalidate Session on all other browsers at Password change to Paragon Initiative Enterprises - 4 upvotes, $0
28. Airship: Persistent XSS via Comment to Paragon Initiative Enterprises - 4 upvotes, $0
29. CSRF token does not valided during blog comment to Paragon Initiative Enterprises - 3 upvotes, $25
30. User enumeration via Password reset page [Minor] to Paragon Initiative Enterprises - 3 upvotes, $0
31. Email Spoofing With Your Website's Email to Paragon Initiative Enterprises - 3 upvotes, $0
32. SMTP server allows anonymous relay from internal addresses to internal addresses to Paragon Initiative Enterprises - 3 upvotes, $0
33. Github repo's wiki publicly editable to Paragon Initiative Enterprises - 3 upvotes, $0
34. Recaptcha Secret key Leaked to Paragon Initiative Enterprises - 3 upvotes, $0
35. Missing rel=noopener noreferrer in target=_blank links (Phishing attack) to Paragon Initiative Enterprises - 2 upvotes, $50
36. Information Disclosure in Error Page to Paragon Initiative Enterprises - 2 upvotes, $0
37. Missing SPF to Paragon Initiative Enterprises - 2 upvotes, $0
38. Email spoofing in [email protected] to Paragon Initiative Enterprises - 2 upvotes, $0
39. Nginx Version Disclosure On Forbidden Page to Paragon Initiative Enterprises - 2 upvotes, $0
40. Full path disclosure when CSRF validation failed to Paragon Initiative Enterprises - 2 upvotes, $0
41. Session Management Issue CMS Airship to Paragon Initiative Enterprises - 2 upvotes, $0
42. [URGENT] Password reset emails are sent in clear-text (without encryption) to Paragon Initiative Enterprises - 2 upvotes, $0
43. Full Path Disclosure by removing CSRF token to Paragon Initiative Enterprises - 2 upvotes, $0
44. Not clearing hex-decoded variable after usage in Authentication to Paragon Initiative Enterprises - 2 upvotes, $0
45. directory information disclose to Paragon Initiative Enterprises - 2 upvotes, $0
46. Full Path Disclousure on https://airship.paragonie.com to Paragon Initiative Enterprises - 2 upvotes, $0
47. no session logout after changing the password in https://bridge.cspr.ng/ to Paragon Initiative Enterprises - 2 upvotes, $0
48. Improper validation of Email to Paragon Initiative Enterprises - 2 upvotes, $0
49. Your Application Have Cacheable SSL Pages to Paragon Initiative Enterprises - 2 upvotes, $0
50. Github wikis are editable by anyone https://github.com/paragonie/password_lock/wiki to Paragon Initiative Enterprises - 2 upvotes, $0
51. Full Path Disclosure to Paragon Initiative Enterprises - 1 upvotes, $50
52. Vunerability : spf to Paragon Initiative Enterprises - 1 upvotes, $0
53. DNSsec not configured to Paragon Initiative Enterprises - 1 upvotes, $0
54. The Anti-CSRF Library fails to restrict token to a particular IP address when being behind a reverse-proxy/WAF to Paragon Initiative Enterprises - 1 upvotes, $0
55. Missing SPF for paragonie.com to Paragon Initiative Enterprises - 1 upvotes, $0
56. SSL certificate public key less than 2048 bit to Paragon Initiative Enterprises - 1 upvotes, $0
57. Email Authentication Bypass to Paragon Initiative Enterprises - 1 upvotes, $0
58. Full path disclosure vulnerability on paragonie.com to Paragon Initiative Enterprises - 1 upvotes, $0
59. Email Authentication bypass Vulnerability to Paragon Initiative Enterprises - 1 upvotes, $0
60. Cross-domain AJAX request to Paragon Initiative Enterprises - 1 upvotes, $0
61. Email spoofing to Paragon Initiative Enterprises - 1 upvotes, $0
62. Missing SPF records for paragonie.com to Paragon Initiative Enterprises - 1 upvotes, $0
63. file full path discloser. to Paragon Initiative Enterprises - 1 upvotes, $0
64. Missing SPF for paragonie.com to Paragon Initiative Enterprises - 1 upvotes, $0
65. Blind SQL INJ to Paragon Initiative Enterprises - 1 upvotes, $0
66. Airship doesn't reject weak passwords to Paragon Initiative Enterprises - 1 upvotes, $0
67. Using plain git protocol (vulnerable to MITM) to Paragon Initiative Enterprises - 1 upvotes, $0
68. There is an vulnerability in https://bridge.cspr.ng where an attacker can users directory to Paragon Initiative Enterprises - 1 upvotes, $0
69. Missing SPF for https://paragonie.com/ to Paragon Initiative Enterprises - 0 upvotes, $0
70. Missing GIT tag/commit verification in Docker to Paragon Initiative Enterprises - 0 upvotes, $0
71. Not using Binary::safe* functions for substr/strlen function to Paragon Initiative Enterprises - 0 upvotes, $0
72. Non-secure requests are not automatically upgraded to HTTPS to Paragon Initiative Enterprises - 0 upvotes, $0
73. Full Path Disclosure in airship.paragonie.com '/cabins/' to Paragon Initiative Enterprises - 0 upvotes, $0
74. Full Path Disclosure in password lock to Paragon Initiative Enterprises - 0 upvotes, $0
75. Full Path Disclosure In EasyDB to Paragon Initiative Enterprises - 0 upvotes, $0