Cleartext submission of password on http://insights.indeed.tech/users/sign_in

Disclosed by
dirty0124's avatar
dirty0124
  • Engagement Indeed
  • Disclosed date almost 3 years ago
  • Points 5
  • Priority P4 Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by dirty0124

Login over http

Activity
  1. Kyle_indeed’s avatar
    Kyle_indeed Customer published the disclosure report

    ()

  2. dirty0124’s avatar
    dirty0124 requested disclosure

    ()

  3. Jarvis’s avatar
    Jarvis Customer changed the state to Resolved

    ()

  4. r_indeed’s avatar
    r_indeed Customer rewarded dirty0124 5 points

    ()

  5. r_indeed’s avatar
    r_indeed Customer changed the state to Unresolved

    ()

  6. r_indeed’s avatar
    r_indeed Customer rewarded dirty0124

    ()

  7. r_indeed’s avatar
    r_indeed Customer changed the severity to P4

    ()

  8. dirty0124’s avatar
    dirty0124 sent a message

    ()

  9. dax_bugcrowd’s avatarbugcrowd logo
    dax_bugcrowd changed the state to Triaged

    ()

  10. dax_bugcrowd’s avatarbugcrowd logo
    dax_bugcrowd resolved a blocker for Indeed by providing information

    ()

  11. dax_bugcrowd’s avatarbugcrowd logo
    dax_bugcrowd created a blocker on Indeed to provide information

    ()

  12. dirty0124’s avatar
    dirty0124 created the submission

    ()