Skip to content

Latest commit

 

History

History
85 lines (81 loc) · 10.4 KB

TOPBRAVESOFTWARE.md

File metadata and controls

85 lines (81 loc) · 10.4 KB
Raw

Back

Top reports from Brave Software program at HackerOne:

  1. Stored XSS in localhost:* via integrated torrent downloader to Brave Software - 119 upvotes, $0
  2. Local files reading from the web using brave:// to Brave Software - 69 upvotes, $5000
  3. Sending arbitrary IPC messages via overriding Function.prototype.apply to Brave Software - 51 upvotes, $5300
  4. Lack of quarantine meta-attribute for downloaded files leads to GateKeeper bypass to Brave Software - 51 upvotes, $50
  5. chrome://brave available for navigation in Release build [-> RCE] + navigation to chrome://* using tab_helper ["Open in new tab"] to Brave Software - 46 upvotes, $2000
  6. Local files reading using link[rel="import"] to Brave Software - 42 upvotes, $400
  7. [Android] HTML Injection in BatterySaveArticleRenderer WebView to Brave Software - 40 upvotes, $150
  8. [iOS/Android] Address Bar Spoofing Vulnerability to Brave Software - 29 upvotes, $200
  9. Navigation to protocol handler URL from the opened page displayed as a request from this page. to Brave Software - 25 upvotes, $200
  10. Local files reading from the "file://" origin through brave:// to Brave Software - 23 upvotes, $400
  11. chrome://brave navigation from web to Brave Software - 21 upvotes, $650
  12. URL Spoof / Brave Shield Bypass to Brave Software - 19 upvotes, $200
  13. RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context to Brave Software - 16 upvotes, $300
  14. DMARC RECORD MISSING to Brave Software - 16 upvotes, $50
  15. Username Information Disclosure via Json response - Using parameter number Intruder to Brave Software - 16 upvotes, $0
  16. Homograph Attack Bypass [ Tested on Linux & Windows ] to Brave Software - 15 upvotes, $100
  17. Bypassing Homograph Attack Using /@ [ Tested On Windows ] to Brave Software - 15 upvotes, $50
  18. Homograph attack to Brave Software - 14 upvotes, $100
  19. URL spoofing in Brave for macOS to Brave Software - 14 upvotes, $50
  20. Access to local file system using javascript to Brave Software - 13 upvotes, $100
  21. No rate limiting for confirmation email lead to email flooding and leads to enumeration of emails in publishers.basicattentiontoken.org to Brave Software - 13 upvotes, $50
  22. chrome://brave can still be navigated to, leading to RCE to Brave Software - 12 upvotes, $300
  23. [ios] Address bar spoofing in Brave for iOS to Brave Software - 12 upvotes, $50
  24. Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS to Brave Software - 12 upvotes, $0
  25. HTTP Request Smuggling to Brave Software - 12 upvotes, $0
  26. Navigation to chrome-extension:// origin (internal pages) from the web to Brave Software - 11 upvotes, $300
  27. Download attribute allows downloading local files to Brave Software - 11 upvotes, $100
  28. Unsafe handling of protocol handlers to Brave Software - 11 upvotes, $50
  29. application/x-brave-tab should not be readable. to Brave Software - 10 upvotes, $250
  30. Cross-origin page stays focused before/after downloading + uninformative modal window for download to Brave Software - 10 upvotes, $50
  31. Navigation to restricted origins via "Open in new tab" to Brave Software - 10 upvotes, $50
  32. Brave Browser unexpectedly allows to send arbitrary IPC messages to Brave Software - 9 upvotes, $300
  33. URL spoofing using protocol handlers to Brave Software - 9 upvotes, $75
  34. [DOS] Browser hangs on loading the code snippet to Brave Software - 9 upvotes, $25
  35. Torrent Viewer extension web service available on all interfaces to Brave Software - 8 upvotes, $200
  36. Field Day With Protocol Handlers to Brave Software - 8 upvotes, $150
  37. Address Bar Spoofing - Already resolved - Retroactive report to Brave Software - 8 upvotes, $100
  38. [Brave browser] WebTorrent has DNS rebinding vulnerability to Brave Software - 8 upvotes, $100
  39. DoS in Brave browser for iOS to Brave Software - 8 upvotes, $80
  40. [website] Script injection in newsletter signup https://brave.com/brave_youth_program_signup.html to Brave Software - 8 upvotes, $50
  41. Status Bar Obfuscation to Brave Software - 8 upvotes, $0
  42. Command Execution because of extension handling to Brave Software - 8 upvotes, $0
  43. URI Obfuscation to Brave Software - 7 upvotes, $150
  44. There is vulnebility Click Here TO fix to Brave Software - 7 upvotes, $0
  45. [iOS] URL can be replaceState by blob URL in iOS Brave to Brave Software - 6 upvotes, $100
  46. OS username disclosure to Brave Software - 6 upvotes, $100
  47. Brave Browser potentially logs the last time a Tor window was used to Brave Software - 6 upvotes, $100
  48. 2 Directory Listing on ledger.brave.com & vault-staging.brave.com to Brave Software - 6 upvotes, $50
  49. [DOS] denial of service using code snippet on brave browser to Brave Software - 6 upvotes, $25
  50. Subdomain Takeover of Brave.com to Brave Software - 6 upvotes, $0
  51. Sending arbitrary IPC messages via overriding Array.prototype.push to Brave Software - 6 upvotes, $0
  52. alert() dialogs on chrome-extension:// origin (internal pages) to Brave Software - 6 upvotes, $0
  53. Denial of service attack on Brave Browser. to Brave Software - 5 upvotes, $50
  54. settingcontent-ms files lacks "mark of the web" => execute code by dbl click in Downloads toolbar to Brave Software - 5 upvotes, $0
  55. JavaScript URL Issues in the latest version of Brave Browser to Brave Software - 4 upvotes, $0
  56. invalid homepage URL causes 'uncaught typeerror' or blank state to Brave Software - 4 upvotes, $0
  57. Address bar spoofing in Brave browser via. window close warnings to Brave Software - 4 upvotes, $0
  58. Directory Listing on https://promo-services-staging.brave.com to Brave Software - 4 upvotes, $0
  59. Link obfuscation bug to Brave Software - 4 upvotes, $0
  60. [iOS] URI Obfuscation in iOS application to Brave Software - 3 upvotes, $0
  61. Javascript confirm() crashes Brave on PC to Brave Software - 3 upvotes, $0
  62. Information disclosure of website to Brave Software - 3 upvotes, $0
  63. No user confirmation when an auto-updated extension gets more permissions to Brave Software - 3 upvotes, $0
  64. Denial of service attack(window object) on brave browser to Brave Software - 2 upvotes, $100
  65. links the user may download can be a malicious files to Brave Software - 2 upvotes, $0
  66. Brave payments remembers history even after clearing all browser data. to Brave Software - 2 upvotes, $0
  67. Brave: Admin Panel Access to Brave Software - 2 upvotes, $0
  68. OPEN REDIRECTION at every 302 HTTP CODE to Brave Software - 2 upvotes, $0
  69. Cross domain tracking even with 3rd party cookies disabled. to Brave Software - 2 upvotes, $0
  70. Clickjacking or URL Masking to Brave Software - 1 upvotes, $0
  71. homograph-attack (unicode vuln) to Brave Software - 1 upvotes, $0
  72. Remote Stack Overflow Vulnerability (DoS) to Brave Software - 1 upvotes, $0
  73. Download of (later executed) .NET installer over insecure channel to Brave Software - 1 upvotes, $0
  74. Arbitrary local code execution via DLL hijacking from executable installer to Brave Software - 1 upvotes, $0
  75. DOS in browser using window.print() function to Brave Software - 0 upvotes, $0
  76. Denial of service(POP UP Recursion) on Brave browser to Brave Software - 0 upvotes, $0
  77. Brave allows flash to follow 307 redirects to other origins with arbitrary content-types to Brave Software - 0 upvotes, $0
  78. Cross-origin resource sharing misconfiguration (CORS) to Brave Software - 0 upvotes, $0

Back