TOPSLACK.md

File metadata and controls

115 lines (111 loc) · 12.6 KB

Back

Top reports from Slack program at HackerOne:

  1. Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies to Slack - 752 upvotes, $6500
  2. XSS vulnerable parameter in a location hash to Slack - 427 upvotes, $1100
  3. URL link spoofing to Slack - 336 upvotes, $250
  4. AWS bucket leading to iOS test build code and configuration exposure to Slack - 310 upvotes, $1500
  5. TURN server allows TCP and UDP proxying to internal network, localhost and meta-data services to Slack - 288 upvotes, $3500
  6. Slack DTLS uses a private key that is in the public domain, which may lead to SRTP stream hijack to Slack - 161 upvotes, $2000
  7. XSS in gist integration to Slack - 151 upvotes, $500
  8. Unauthenticated LFI revealing log information to Slack - 117 upvotes, $4000
  9. Stealing xoxs-tokens using weak postMessage / call-popup redirect to current team domain to Slack - 112 upvotes, $3000
  10. Stored XSS on team.slack.com using new Markdown editor of posts inside the Editing mode and using javascript-URIs to Slack - 97 upvotes, $1000
  11. User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files to Slack - 91 upvotes, $750
  12. Real Time Error Logs Through Debug Information to Slack - 89 upvotes, $1500
  13. Many Slack teams can be joined by abusing an improperly configured support@ inbox to Slack - 83 upvotes, $1500
  14. SSRF in api.slack.com, using slash commands and bypassing the protections to Slack - 77 upvotes, $500
  15. OSX slack:// protocol handler javascript injection to Slack - 71 upvotes, $1000
  16. Eavesdropping on private Slack calls to Slack - 65 upvotes, $1000
  17. The Custom Emoji Page has a Reflected XSS to Slack - 55 upvotes, $1250
  18. Internal SSRF bypass using slash commands at api.slack.com to Slack - 46 upvotes, $500
  19. Linux Desktop application slack executable does not use pie / no ASLR to Slack - 46 upvotes, $100
  20. Store XSS to Slack - 43 upvotes, $500
  21. Bypass of the SSRF protection in Event Subscriptions parameter to Slack - 43 upvotes, $500
  22. The POODLE attack (SSLv3 supported) at status.slack.com to Slack - 41 upvotes, $500
  23. Information leakage and default open port to Slack - 39 upvotes, $350
  24. CSS Injection to disable app & potential message exfil to Slack - 32 upvotes, $500
  25. URL filter bypass in Enterprise Grid to Slack - 30 upvotes, $100
  26. Snooping into messages via email service to Slack - 28 upvotes, $2500
  27. Stored XSS(Cross Site Scripting) In Slack App Name to Slack - 28 upvotes, $1000
  28. Bypass two-factor authentication to Slack - 25 upvotes, $500
  29. Subdomain takeover on podcasts.slack-core.com to Slack - 24 upvotes, $100
  30. Source code leakage through GIT web access at host '52.91.137.42' to Slack - 23 upvotes, $1500
  31. [Screenhero] Subdomain takeover to Slack - 23 upvotes, $200
  32. CSRF in github integration to Slack - 22 upvotes, $500
  33. Rate-limit bypass to Slack - 22 upvotes, $500
  34. Access of Android protected components via embedded intent to Slack - 21 upvotes, $1000
  35. Race Condition in account survey to Slack - 20 upvotes, $150
  36. HTTP parameter pollution from outdated Greenhouse.io JS dependency to Slack - 19 upvotes, $250
  37. Bypass to postMessage origin validation via FTP to Slack - 14 upvotes, $850
  38. Code Injection in Slack's Windows Desktop Client leads to Privilege Escalation to Slack - 14 upvotes, $750
  39. Information Disclosure on stun.screenhero.com to Slack - 14 upvotes, $700
  40. Invitation reminder emails contain insecure links to Slack - 12 upvotes, $350
  41. dom xss in https://www.slackatwork.com to Slack - 12 upvotes, $200
  42. Open Redirect on slack.com to Slack - 11 upvotes, $500
  43. Bypass of the SSRF protection (Slack commands, Phabricator integration) to Slack - 10 upvotes, $100
  44. User can start call in a channel of an unpaid account to Slack - 10 upvotes, $100
  45. Shared-channel BETA persists integration after unshare to Slack - 9 upvotes, $750
  46. Creating Post on a restricted channel to Slack - 9 upvotes, $500
  47. Relative Path Vulnerability Results in Arbitrary Command Execution/Privilege Escalation to Slack - 8 upvotes, $750
  48. a stored xss issue in https://files.slack.com to Slack - 8 upvotes, $500
  49. Stored XSS Found to Slack - 7 upvotes, $500
  50. Facebook Takeover using Slack using 302 from files.slack.com with access_token to Slack - 7 upvotes, $500
  51. "a stored xss issue in share post menu" to Slack - 7 upvotes, $500
  52. HTML Injection inside Slack promotional emails to Slack - 7 upvotes, $100
  53. Open redirect vulnerability to Slack - 6 upvotes, $0
  54. Data exports stored on S3 can be scraped easily to Slack - 6 upvotes, $0
  55. Authentication bypass leads to sensitive data exposure (token+secret) to Slack - 5 upvotes, $2000
  56. File upload over private IM channel to Slack - 5 upvotes, $500
  57. CSRF - Add optional two factor mobile number to Slack - 5 upvotes, $500
  58. Email information leakage for certain addresses to Slack - 5 upvotes, $400
  59. RC4 cipher suites detected on status.slack.com to Slack - 5 upvotes, $100
  60. Stored XSS in www.slack-files.com to Slack - 4 upvotes, $200
  61. Generate new Test token to Slack - 4 upvotes, $100
  62. Stored XSS in Slackbot Direct Messages to Slack - 3 upvotes, $500
  63. a stored xss in slack integration https://onerror.slack.com/services/import to Slack - 3 upvotes, $500
  64. Email enumeration to Slack - 3 upvotes, $0
  65. Stored XSS on this link https://sehacure.slack.com/help/requests/ to Slack - 3 upvotes, $0
  66. Executing scripts on slack-files.com using SVG to Slack - 3 upvotes, $0
  67. Trick make all fixed open redirect links vulnerable again to Slack - 2 upvotes, $1000
  68. SSRF on https://whitehataudit.slack.com/account/photo to Slack - 2 upvotes, $300
  69. Stored XSS in Slack.com to Slack - 2 upvotes, $300
  70. Reflective XSS can be triggered in IE to Slack - 2 upvotes, $150
  71. Slack OAuth2 "redirect_uri" Bypass to Slack - 2 upvotes, $100
  72. csrf to Slack - 2 upvotes, $0
  73. HTTP Strict Transport Policy not enabled on newly made accounts to Slack - 2 upvotes, $0
  74. flash content type sniff vulnerability in api.slack.com to Slack - 1 upvote, $500
  75. Reflected Xss to Slack - 1 upvote, $500
  76. Stored XSS in Slack (weird, trial and error) to Slack - 1 upvote, $500
  77. URL redirection flaw to Slack - 1 upvote, $200
  78. Team admin can add billing contacts to Slack - 1 upvote, $200
  79. Team admin can change unauthorized team setting (require_at_for_mention) to Slack - 1 upvote, $200
  80. CSRF vulnerability on https://sehacure.slack.com/account/settings to Slack - 1 upvote, $100
  81. Broken Authentication (including Slack OAuth bugs) to Slack - 1 upvote, $100
  82. Password Policy issue (Weak Protect) to Slack - 1 upvote, $100
  83. Team admin can change unauthorized team setting (allow_message_deletion) to Slack - 1 upvote, $100
  84. an xss issue in https://hunter22.slack.com/help/requests/793043 to Slack - 1 upvote, $100
  85. Stored XSS to Slack - 1 upvote, $0
  86. Remote file Inclusion - RFI in upload to Slack - 1 upvote, $0
  87. Content Spoofing to Slack - 1 upvote, $0
  88. Unauthenticated Access to some old file thumbnails to Slack - 1 upvote, $0
  89. Stored XSS in Channel Chat to Slack - 0 upvotes, $500
  90. Duplicate of #4550 to Slack - 0 upvotes, $500
  91. Stored XSS in slack.com (integrations) to Slack - 0 upvotes, $500
  92. Stored XSS in username.slack.com to Slack - 0 upvotes, $500
  93. Content Spoofing all Integrations in https://team.slack.com/services/new/ to Slack - 0 upvotes, $200
  94. File upload XSS (Java applet) on http://slackatwork.com/ to Slack - 0 upvotes, $200
  95. Content spoofing at Stripe Integrations to Slack - 0 upvotes, $100
  96. Open Redirect login account to Slack - 0 upvotes, $100
  97. Logout any user of same team to Slack - 0 upvotes, $100
  98. Reflected Self-XSS in Slack to Slack - 0 upvotes, $100
  99. Self-XSS in posts by formatting text as code to Slack - 0 upvotes, $100
  100. Session Fixation disclosing email address to Slack - 0 upvotes, $0
  101. State parameter missing on google OAuth to Slack - 0 upvotes, $0
  102. User impersonation is possible with incoming webhooks to Slack - 0 upvotes, $0
  103. CSRF on add comment section to Slack - 0 upvotes, $0
  104. Open Redirect in Slack to Slack - 0 upvotes, $0
  105. open redirect in https://slack.com to Slack - 0 upvotes, $0
  106. TLS1/SSLv3 Renegotiation Vulnerability to Slack - 0 upvotes, $0
  107. Deleting Teams implementation to Slack - 0 upvotes, $0
  108. Link vulnerability leads to phishing attacks to Slack - 0 upvotes, $0