漏洞赏金情报

数据来源：HackerOne 公开披露报告 · 每 6 小时更新

浏览 HackerOne 平台公开披露的漏洞赏金报告，按严重程度、漏洞类型或目标项目筛选，关联 CVE 编号。

已披露报告

12,219

关联 CVE

1,854

参与项目数

342

近 7 天新增

10

严重度: All Critical High Medium Low

类型: 全部 Information Disclosure 1173 Cross-site Scripting (XSS) … 747 Violation of Secure Design … 719 Improper Access Control - Generic 656 Improper Authentication - Generic 652 Cross-site Scripting (XSS) … 513 Uncontrolled Resource Consumption 483 Cross-site Scripting (XSS) … 461 Cross-Site Request Forgery (CSRF) 421 Privilege Escalation 375

项目筛选：mtn_group✕

cross site scripting reflected

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2024-09-09

Reflected cross site scripting (XSS) attacks Reflected XSS attacks,

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2024-08-30

Cross-site Scripting (XSS) - Reflected on https://api.mtn.sd/carbon/admin/login.jsp via `msgId` parameter - CVE-2020-17453

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-17453

Medium

2024-08-24

Cross-site Scripting (XSS) - Reflected on http://callertunez.mtn.com.gh/wap/noauth/sharedetail.ftl via `callback` parameter

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2024-08-24

Cross-site Scripting (XSS) - Reflected on http://h1b4e.n2.ips.mtn.co.ug:8080 via Nginx-module

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2024-08-24

Reflected Cross Site Scripting Cisco ASA on myvpn.mtncameroon.net CVE-2020-3580

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)CVE-2020-3580

Medium

2024-08-23

Reflected XSS in chatbot

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2022-11-19

Cross-site Scripting (XSS) - Reflected

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2022-10-30

XSS at http://nextapps.mtnonline.com/search/suggest/q/{xss payload}

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2022-05-01

XSS at videostore.mtnonline.com/GL/*.aspx via all parameters

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2022-05-01

xss on [developers.mtn.com]

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2022-04-19

Reflected XSS on dailydeals.mtn.co.za

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2021-12-24

Reflected XSS at dailydeals.mtn.co.za

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2021-12-24

RXSS - http://macademy.mtnonline.com

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2021-12-11

Reflected XSS on play.mtn.co.za

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2021-08-14

Reflected XSS on mtnhottseat.mtn.com.gh

MTN Group Cross-site Scripting (XSS) - Reflected (CWE-79)

Medium

2021-05-24

高频漏洞类型

最活跃项目

项目	报告数	最高赏金
U.S. Dept Of Defense	896	—
Internet Bug Bounty	817	—
HackerOne	609	—
Nextcloud	582	—
Shopify	464	—
curl	439	—
Node.js third-party modules	307	—
GitLab	258	—
X / xAI	250	$2,500
Uber	239	$9,895