Skip to content
Klikki Oy
Search for:
X
Search for:
X

HEY.com stored XSS

HackerOne vulnerability report:

An attacker can bypass the HEY.com HTML sanitizer and inject arbitrary unsafe HTML in emails.

A HEY user viewing an email sent by the attacker may have their account compromised.

October 28, 2020February 3, 2023 klikki
security bug bounty
Previous
  • media
  • security
  • Kiekko.tk
  • TyperA
Powered by WordPress

All rights reserved © Klikki Fast Press Theme by Seos Themes