Vulnerability Disclosure Programs
Citizens Bank
1x RCE
Oracle
1x RCE
Zebra
2x+ Critical SSRF
Digitaal Vlaanderen
3x+ Valid Reports Including 1x RCE
DHL Group
Sensitive data exposure
Bureau of Land Management
1x Arbitrary file Read
Ziff Davis
1x RCE
VRT
2x SSRF
State of California
RXSS
Picsart
1x SSRF with bypass
Stanford
1x Path Traversal
AIG
3x RXSS
TD Bank
1x RXSS
IBM
1x RXSS
Mount Sinai Health
1x Cache Poisoning 2x RXSS
CBRE
3x Valid Submissions
Equifax
2x SSRF and 1x SSRF with DNS Rebinding Bypass
Mars
5x Valid Submissions
Thomson Reuters
4x valid Reports
Cisco Systems operational infrastructure
3x Critical SSRF
DICK'S Sporting Goods
1x Sensitive Data Exposure
Lenovo
1x Stored XSS due to Cache Poisoning
Keysight Technologies
1x RCE
ABB Information Systems Ltd
5x Valid Reports
U.S Dept of Defense
25+ Valid Submissions
Disney
20+ Valid Reports
Bug Bounty Programs
AT&T
14x Valid Submissions Including RXSS, BAC, Broken Authentication, Information Disclosure, RCE, and others
U.S Dept of Defense Hack U.S
1x RCE
Intuit
1x Critical, 2x RXSS
Aruba Networks
1x RXSS
EPAM Systems
2x SSRF
Adobe
20+ valid submissions
ING
1x Exceptional BAC
Swedavia
1x High Impact RXSS
House of HR
2x RXSS
CM.Com
1x SSRF
Criteo
2x valid Reports
HubSpot
1x Valid Submission
H&R Block Tax Group
2x Valid Submissions
Ebay
1x RXSS