Skip to content

Latest commit

 

History

History
122 lines (118 loc) · 13.6 KB

TOPSLACK.md

File metadata and controls

122 lines (118 loc) · 13.6 KB
Raw

Back

Top reports from Slack program at HackerOne:

  1. Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies to Slack - 792 upvotes, $6500
  2. Remote Code Execution in Slack desktop apps + bonus to Slack - 458 upvotes, $1750
  3. XSS vulnerable parameter in a location hash to Slack - 432 upvotes, $1100
  4. URL link spoofing to Slack - 347 upvotes, $250
  5. AWS bucket leading to iOS test build code and configuration exposure to Slack - 310 upvotes, $1500
  6. TURN server allows TCP and UDP proxying to internal network, localhost and meta-data services to Slack - 301 upvotes, $3500
  7. Slack DTLS uses a private key that is in the public domain, which may lead to SRTP stream hijack to Slack - 165 upvotes, $2000
  8. XSS in gist integration to Slack - 152 upvotes, $500
  9. Unauthenticated LFI revealing log information to Slack - 117 upvotes, $4000
  10. Stealing xoxs-tokens using weak postMessage / call-popup redirect to current team domain to Slack - 114 upvotes, $3000
  11. Stored XSS on team.slack.com using new Markdown editor of posts inside the Editing mode and using javascript-URIs to Slack - 98 upvotes, $1000
  12. Real Time Error Logs Through Debug Information to Slack - 91 upvotes, $1500
  13. User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files to Slack - 91 upvotes, $750
  14. Tricking the "Create snippet" feature into displaying the wrong filetype can lead to RCE on Slack users to Slack - 89 upvotes, $1500
  15. Many Slack teams can be joined by abusing an improperly configured support@ inbox to Slack - 83 upvotes, $1500
  16. SSRF in api.slack.com, using slash commands and bypassing the protections. to Slack - 78 upvotes, $500
  17. OSX slack:// protocol handler javascript injection to Slack - 71 upvotes, $1000
  18. Eavesdropping on private Slack calls to Slack - 65 upvotes, $1000
  19. The Custom Emoji Page has a Reflected XSS to Slack - 55 upvotes, $1250
  20. Access to some Slack workspace metadata and settings available to unauthorized parties to Slack - 49 upvotes, $7000
  21. Internal SSRF bypass using slash commands at api.slack.com to Slack - 46 upvotes, $500
  22. Linux Desktop application slack executable does not use pie / no ASLR to Slack - 46 upvotes, $100
  23. Bypass of the SSRF protection in Event Subscriptions parameter. to Slack - 44 upvotes, $500
  24. Store XSS to Slack - 43 upvotes, $500
  25. The POODLE attack (SSLv3 supported) at status.slack.com to Slack - 41 upvotes, $500
  26. Information leakage and default open port to Slack - 39 upvotes, $350
  27. CSS Injection to disable app & potential message exfil to Slack - 34 upvotes, $500
  28. URL filter bypass in Enterprise Grid to Slack - 31 upvotes, $100
  29. Snooping into messages via email service to Slack - 28 upvotes, $2500
  30. Stored XSS(Cross Site Scripting) In Slack App Name to Slack - 28 upvotes, $1000
  31. Slack-Corp Heroku application disclosing limited info about company members to Slack - 28 upvotes, $300
  32. Bypass two-factor authentication to Slack - 26 upvotes, $500
  33. DoS on the Direct Messages to Slack - 26 upvotes, $500
  34. Source code leakage through GIT web access at host '52.91.137.42' to Slack - 24 upvotes, $1500
  35. Subdomain takeover on podcasts.slack-core.com to Slack - 24 upvotes, $100
  36. Access of Android protected components via embedded intent to Slack - 23 upvotes, $1000
  37. [Screenhero] Subdomain takeover to Slack - 23 upvotes, $200
  38. CSRF in github integration to Slack - 22 upvotes, $500
  39. Rate-limit bypass to Slack - 22 upvotes, $500
  40. HTTP parameter pollution from outdated Greenhouse.io JS dependency to Slack - 21 upvotes, $250
  41. Race Condition in account survey to Slack - 20 upvotes, $150
  42. Bypass to postMessage origin validation via FTP to Slack - 14 upvotes, $850
  43. Code Injection in Slack's Windows Desktop Client leads to Privilege Escalation to Slack - 14 upvotes, $750
  44. Information Disclosure on stun.screenhero.com to Slack - 14 upvotes, $700
  45. Uninstalling Slack for Windows (64-bit), then reinstalling keeps you logged in without authentication to Slack - 13 upvotes, $500
  46. Invitation reminder emails contain insecure links to Slack - 12 upvotes, $350
  47. dom xss in https://www.slackatwork.com to Slack - 12 upvotes, $200
  48. Open Redirect on slack.com to Slack - 11 upvotes, $500
  49. Bypass of the SSRF protection (Slack commands, Phabricator integration) to Slack - 11 upvotes, $100
  50. HTML Injection inside Slack promotional emails to Slack - 11 upvotes, $100
  51. Facebook Takeover using Slack using 302 from files.slack.com with access_token to Slack - 10 upvotes, $500
  52. User can start call in a channel of an unpaid account to Slack - 10 upvotes, $100
  53. Shared-channel BETA persists integration after unshare to Slack - 9 upvotes, $750
  54. Relative Path Vulnerability Results in Arbitrary Command Execution/Privilege Escalation to Slack - 9 upvotes, $750
  55. Creating Post on a restricted channel to Slack - 9 upvotes, $500
  56. a stored xss issue in https://files.slack.com to Slack - 8 upvotes, $500
  57. Stored XSS Found to Slack - 7 upvotes, $500
  58. "a stored xss issue in share post menu" to Slack - 7 upvotes, $500
  59. Open redirect vulnerability to Slack - 7 upvotes, $0
  60. Data exports stored on S3 can be scraped easily to Slack - 7 upvotes, $0
  61. Authentication bypass leads to sensitive data exposure (token+secret) to Slack - 6 upvotes, $2000
  62. File upload over private IM channel to Slack - 5 upvotes, $500
  63. CSRF - Add optional two factor mobile number to Slack - 5 upvotes, $500
  64. Email information leakage for certain addresses to Slack - 5 upvotes, $400
  65. Stored XSS in www.slack-files.com to Slack - 5 upvotes, $200
  66. Slack OAuth2 "redirect_uri" Bypass to Slack - 5 upvotes, $100
  67. RC4 cipher suites detected on status.slack.com to Slack - 5 upvotes, $100
  68. Possibility to freeze/crash the host system of all Slack Desktop users easily to Slack - 4 upvotes, $500
  69. Generate new Test token to Slack - 4 upvotes, $100
  70. Stored XSS on this link https://sehacure.slack.com/help/requests/ to Slack - 4 upvotes, $0
  71. Stored XSS in Slackbot Direct Messages to Slack - 3 upvotes, $500
  72. a stored xss in slack integration https://onerror.slack.com/services/import to Slack - 3 upvotes, $500
  73. SSRF on https://whitehataudit.slack.com/account/photo to Slack - 3 upvotes, $300
  74. Stored XSS in Slack.com to Slack - 3 upvotes, $300
  75. Email enumeration to Slack - 3 upvotes, $0
  76. csrf to Slack - 3 upvotes, $0
  77. Remote file Inclusion - RFI in upload to Slack - 3 upvotes, $0
  78. Executing scripts on slack-files.com using SVG to Slack - 3 upvotes, $0
  79. Trick make all fixed open redirect links vulnerable again to Slack - 2 upvotes, $1000
  80. Stored XSS in Slack (weird, trial and error) to Slack - 2 upvotes, $500
  81. URL redirection flaw to Slack - 2 upvotes, $200
  82. Content Spoofing all Integrations in https://team.slack.com/services/new/ to Slack - 2 upvotes, $200
  83. Reflective XSS can be triggered in IE to Slack - 2 upvotes, $150
  84. CSRF vulnerability on https://sehacure.slack.com/account/settings to Slack - 2 upvotes, $100
  85. Broken Authentication (including Slack OAuth bugs) to Slack - 2 upvotes, $100
  86. Session Fixation disclosing email address to Slack - 2 upvotes, $0
  87. HTTP Strict Transport Policy not enabled on newly made accounts to Slack - 2 upvotes, $0
  88. flash content type sniff vulnerability in api.slack.com to Slack - 1 upvotes, $500
  89. Reflected Xss to Slack - 1 upvotes, $500
  90. Stored XSS in Channel Chat to Slack - 1 upvotes, $500
  91. Duplicate of #4550 to Slack - 1 upvotes, $500
  92. Stored XSS in username.slack.com to Slack - 1 upvotes, $500
  93. Team admin can add billing contacts to Slack - 1 upvotes, $200
  94. Team admin can change unauthorized team setting (require_at_for_mention) to Slack - 1 upvotes, $200
  95. Content spoofing at Stripe Integrations to Slack - 1 upvotes, $100
  96. Open Redirect login account to Slack - 1 upvotes, $100
  97. Password Policy issue (Weak Protect) to Slack - 1 upvotes, $100
  98. Team admin can change unauthorized team setting (allow_message_deletion) to Slack - 1 upvotes, $100
  99. an xss issue in https://hunter22.slack.com/help/requests/793043 to Slack - 1 upvotes, $100
  100. State parameter missing on google OAuth to Slack - 1 upvotes, $0
  101. Stored XSS to Slack - 1 upvotes, $0
  102. User impersonation is possible with incoming webhooks to Slack - 1 upvotes, $0
  103. CSRF on add comment section to Slack - 1 upvotes, $0
  104. open redirect in https://slack.com to Slack - 1 upvotes, $0
  105. Content Spoofing to Slack - 1 upvotes, $0
  106. Unauthenticated Access to some old file thumbnails to Slack - 1 upvotes, $0
  107. Stored XSS in slack.com (integrations) to Slack - 0 upvotes, $500
  108. File upload XSS (Java applet) on http://slackatwork.com/ to Slack - 0 upvotes, $200
  109. Logout any user of same team to Slack - 0 upvotes, $100
  110. Reflected Self-XSS in Slack to Slack - 0 upvotes, $100
  111. Self-XSS in posts by formatting text as code to Slack - 0 upvotes, $100
  112. Open Redirect in Slack to Slack - 0 upvotes, $0
  113. TLS1/SSLv3 Renegotiation Vulnerability to Slack - 0 upvotes, $0
  114. Deleting Teams implemenation to Slack - 0 upvotes, $0
  115. Link vulnerability leads to phishing attacks to Slack - 0 upvotes, $0

Back