Main Blog Portfolio

userecho.com
Open Redirect
Got credit for that on https://support.userecho.com/en/knowledge-bases/10/articles/20402-list-of-security-contributors

nationalarchives.gov.uk
Path Traversal in file download
Got credit for that on https://www.nationalarchives.gov.uk/.well-known/thanks.txt

CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name
Got credit for that on https://mibew.org/credits

CVE-2021-39286
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped
Got credit for that on https://index.commoncrawl.org/.well-known/thanks.txt

HackerOne profile