Page 453 of 465

Re: Manual Approval Thread

Posted: Sat Aug 21, 2021 11:40 am
by amlnspqr
Also these got rejected for some reason:

2120669
2120670
2120673
2120675
2120676
2120677
2120678
2120679
2120684
2120668
2120671
2120672
2120674
2120680

Just checked myself, all work fine. Additional steps provided where needed

Re: Manual Approval Thread

Posted: Wed Aug 25, 2021 7:07 am
by s3r_epixin
Manual approve please: 2124699

Re: Manual Approval Thread

Posted: Wed Aug 25, 2021 7:33 am
by x1admin
approved

Re: Manual Approval Thread

Posted: Wed Aug 25, 2021 10:41 am
by 0xr0cky
Please, change 2091356 vulnerability type from XSS to IAC and approve these reports:

IAC (stacktrace)
- 2050572
- 2054005
- 2065456
- 2088884
- 2088900

XSS
- 2086541
- 2086544
- 2086546
- 2088431
- 2088879
- 2091326

Thank you.

Re: Manual Approval Thread

Posted: Thu Aug 26, 2021 9:13 am
by x1admin
done

Re: Manual Approval Thread

Posted: Thu Aug 26, 2021 9:15 pm
by MvDevtest
Hi there - I own manyvids.com bug bounty.
The Report ID 2127119 has been opened by user MarWan__XD. Please approve it as it is valid, but there's no correct category to select.

Thanks

Re: Manual Approval Thread

Posted: Thu Aug 26, 2021 10:55 pm
by amlnspqr
x1admin wrote:
Wed Aug 25, 2021 7:33 am
approved
Thanks!

2127108 please

Re: Manual Approval Thread

Posted: Sun Aug 29, 2021 6:16 pm
by JonLaing4
Hello,

Please approve ID 2127844

Xss is possible with using the payload %3Cimg+src%3Dx+onerror%3Dalert%28%27OPENBUGBOUNTY%27%29+ in the search parameter.

Thanks

Re: Manual Approval Thread

Posted: Tue Aug 31, 2021 6:30 pm
by amlnspqr
2130117, steps included

Re: Manual Approval Thread

Posted: Wed Sep 01, 2021 8:26 am
by JonLaing4
JonLaing4 wrote:
Sun Aug 29, 2021 6:16 pm
Hello,

Please approve ID 2127844

Xss is possible with using the payload %3Cimg+src%3Dx+onerror%3Dalert%28%27OPENBUGBOUNTY%27%29+ in the search parameter.

Thanks
This has been moved to 'Can't reproduce' but it is easy - simply use the payload %3Cimg+src%3Dx+onerror%3Dalert%28%27OPENBUGBOUNTY%27%29+ in the url or <img+src%3Dx+onerror%3Dalert('OPENBUGBOUNTY') in the search box and you will get xss like this:
Screenshot from 2021-09-01 09-23-05.png
Screenshot from 2021-09-01 09-23-05.png (153.9KiB)Viewed 5858 times