Hall of fame

If you find a vulnerability on this server you will be forever immortalized on this page!

  • Anonymous (Comment) 2021-06-15
    Found a Stored XSS in the upload honeypot.
    Due to a misconfiguration, CSP was not active on the honeypot. In addition file names were not escaped correctly.
    Fix: Added CSP to honey pot and htmlentities on file names.