Introduction Between March 2023 and May 2023, we identified multiple security vulnerabilities within points.com, the backend provider for a significant…
During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC…
Overview On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js “netlify-ipx” repository which would allow an…
To preface: the bug we found here is really simple. The interesting thing here is the impact of the vulnerability…
Between the period of July 6th to October 6th myself, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes worked…
After a long day of trying and failing to find vulnerabilities on the Verizon Media bug bounty program I decided…
Ever since I was a kid I was never good at doing schoolwork. I had envied everyone that seemed to…
Over the last few years, usage of vulnerability disclosure and bug bounty programs have increased significantly. It is now almost…
As a preface, when I originally found this bug I was unfamiliar the class of “null byte buffer overflow” even…
Jira Service Desk is a help desk application that is built on top of core Jira. It allows customers to…