Yahoo bug in the news
Vice: Hacker Finds a Way to Break Into Any Yahoo Mail Inbox, Gets $10,000 Threatpost: Yahoo Mail XSS Bug Worth Another $10K
Category: media
Klikki finds a vulnerability affecting about 100 million users – $20,000 bug bounty
In Finnish: https://www.iltalehti.fi/digiuutiset/a/201710242200482733
The most viewed HackerOne vulnerability report Q2/2016
Uber OneLogin authentication bypass by Klikki was the most viewed vulnerability report of Q2 2016 on HackerOne
Klikki’s Uber bug bounty findings in the news
Uber Pays Researcher $10,000 for Critical Flaw (SecurityWeek) Uber Pays Researcher $10k for Login Bypass Exploit (Threatpost)
The 2016 Yahoo bug in the media
Yahoo Mail Patches Severe XSS Flaw Affecting 300M Users (Infosecurity Magazine) Critical Yahoo email flaw patched through bug bounty program (ZDNet) Suomalaismies
Media reports of the WordPress vulnerability found by Klikki
Just-released WordPress 0day makes it easy to hijack millions of websites (Ars Technica)Hackers can infiltrate WordPress sites through comments section (The Hill)WordPress Under Attack
Media coverage of Klikki’s vulnerability findings – Apple, Facebook, Adobe Flash
Facebook, Researcher Quarrel Over Bug Reward Eligibility (SecurityWeek)Apple Fixes Cookie Access Vulnerability in Billions of Safari Devices (Kaspersky Threatpost)Apple splats Safari flaw affecting a
Older bug findings
Bugtraq etc. Windows Media Player directory traversal Microsoft Java vulnerabilities Netscape Java buffer overflow Internet Explorer cookie access vulnerability Linux glibc locale