Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pull] master from bugcrowd:master #26

Merged
merged 115 commits into from
May 15, 2024
Merged

[pull] master from bugcrowd:master #26

merged 115 commits into from
May 15, 2024

Conversation

pull[bot]
Copy link

@pull pull bot commented May 15, 2024
edited
Loading

See Commits and Changes for more details.

Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

RRudder added 30 commits April 11, 2023 16:14
@RRudder
Broken Auth and Session Management
0a7e856 
Created newline at end of .md file to satisfy the linter
@RRudder
Updated recommendation.md for malformed iOS URL Schemes
f1bcf2b
@RRudder
Updated recommendation for Weak login function for non-operational en…
96f6833 
…dpoint
@RRudder
Updates to recommendations for All three session fixation variants
686f397 
(The same recommendation text is used across all three)
@RRudder
Updated rec for Failure to Invalidate Session on Logout
dc56d05
@RRudder
update rec for Failure to Invalidate Session on Logout Server-Side Only
3f152bd
@RRudder
Updated rec for Failure to Invalidate Concurrent Sessions on Logout
334c672
@RRudder
updated rec for Failure to Invalidate session upon 2FA activation or …
eb6ce09 
…change
@RRudder
Updated rec for Failure to Invalidate Session for Long Timeout
54b7217
@RRudder
Update recommendations.md
df48a5d
@RRudder
Update recommendations.md
03a025e
@RRudder
Update recommendations.md
3142063
@RRudder
Update recommendations.md
acbaad5
@RRudder
Updates to rec for Self-Stored XSS
9784af0
@RRudder
update rec for self-reflected XSS
8fddd1d
@RRudder
Updates to rec for Flash-Based XSS
03888ac
@RRudder
Updates to recs for cookie-based XSS
2e0b1e1
@RRudder
updates to rec for TRACE method XSS
0846829
@RRudder
Updates to rec for Plaintext Password Field
dab28e9
@RRudder
update rec for Save Password
d7f0284
@RRudder
update rec for Autocomplete Enabled
121ad15
@RRudder
update rec for Autocorrect Enabled
8fdae46
@RRudder
updates to rec for CSV Injection
3ddb369
@RRudder
Updates to System Clipboard Leaks
3759f5c 
Updated both the template.md and the recommendation.md files for parent and child variants.
@RRudder
Update rec for User Password Persisted in Memory
280a1cc
@RRudder
Updates to Sensitive Application Data Stored Unencrypted
1ccff46
@RRudder
Updates to rec for Non-Sensitive data store unencrypted
dcbec4b
@RRudder
Update to rec for Executable Download
59cf6f9
@RRudder
Update rec for Weak Password Policy
66a2cf6
@RRudder
Updates to Weak Password Policy
5be1c03 
Updated both the template.md and recommendation.md files
RRudder added 28 commits May 15, 2024 13:41
@RRudder
Merge pull request #461 from bugcrowd/Missing-Failsafe
ac21e88 
Updated rec for Missing 2FA failsafe
@RRudder
Merge pull request #460 from bugcrowd/Allows-Disposable-Email-Addresses
f145ca3 
update rec for Registration Allows for Disposable Email Addresses
@RRudder
Merge pull request #459 from bugcrowd/Verification-of-Contact-Method-…
0c783c6 
…not-Required

Updates to rec and template for Verification of Contact Method not Re…
@RRudder
Merge pull request #422 from bugcrowd/test-branch
b7ea2af 
Broken Auth and Session Management
@RRudder
Merge pull request #453 from bugcrowd/Weak-Password-Policy
2898471 
Update rec for Weak Password Policy
@RRudder
Merge pull request #452 from bugcrowd/Screen-Caching-Enabled
991a113 
Update to rec for Executable Download
@RRudder
Merge pull request #451 from bugcrowd/non-sensitive-app-data
d8c31d7 
Updates to rec for Non-Sensitive data store unencrypted
@RRudder
Merge pull request #450 from bugcrowd/Sensitive-App-Data
d7a41aa 
Updates to Sensitive Application Data Stored Unencrypted
@RRudder
Merge pull request #449 from bugcrowd/User-Password-Persisted-in-Memory
f6b7cd1 
Update rec for User Password Persisted in Memory
@RRudder
Merge pull request #448 from bugcrowd/System-Clipboard-Leak
b93aae0 
Updates to System Clipboard Leaks
@RRudder
Merge pull request #447 from bugcrowd/CSV-Injection
70c0c7f 
updates to rec for CSV Injection
@RRudder
Merge pull request #446 from bugcrowd/Autocomplete-Enabled
0a3f3df 
update rec for Autocomplete Enabled
@RRudder
Merge pull request #445 from bugcrowd/Autocorrect-Enabled
0af7768 
update rec for Autocorrect Enabled
@RRudder
Merge pull request #444 from bugcrowd/save-password
9db1964 
update rec for Save Password
@RRudder
Merge pull request #443 from bugcrowd/Plaintext-Password-Field
4661913 
Updates to rec for Plaintext Password Field
@RRudder
Merge pull request #442 from bugcrowd/TRACE-method-xss
b76c074 
updates to rec for TRACE method XSS
@RRudder
Merge pull request #441 from bugcrowd/cookie-base-xss
2fa695b 
Updates to recs for cookie-based XSS
@RRudder
Merge pull request #440 from bugcrowd/flash-based-xss
1d2d25f 
Updates to rec for Flash-Based XSS
@RRudder
Merge pull request #439 from bugcrowd/self-reflected-xss
f5b8ccc 
update rec for self-reflected XSS
@RRudder
Merge pull request #438 from bugcrowd/self-stored-XSS
3cd8e1c 
Updates to rec for Self-Stored XSS
@RRudder
Merge pull request #433 from bugcrowd/long-timeout
c6e5496 
Updated rec for Failure to Invalidate Session for Long Timeout
@RRudder
Merge pull request #432 from bugcrowd/on-2FA-activation-change
c086ced 
updated rec for Failure to Invalidate session upon 2FA activation or …
@RRudder
Merge pull request #430 from bugcrowd/concurrent-sessions-on-logout
019fa2f 
Updated rec for Failure to Invalidate Concurrent Sessions on Logout
@RRudder
Merge pull request #429 from bugcrowd/on-logout-serverside-only
64763b3 
update rec for Failure to Invalidate Session on Logout Server-Side Only
@RRudder
Merge pull request #428 from bugcrowd/On-logout-failure-to-invalidate…
b4f0ced 
…-session

Updated rec for Failure to Invalidate Session on Logout
@RRudder
Merge pull request #427 from bugcrowd/Session-Fixation-Local-Attack-V…
bef8236 
…ector

Updates to recommendations for All three session fixation variants
@RRudder
Merge pull request #426 from bugcrowd/Weak-Login-Function-Intended-Pu…
8690d8b 
…blic-Access

Updated recommendation for Weak login function for non-operational en…
@RRudder
Merge pull request #424 from bugcrowd/malformed-iOS-URL-Schemes
2ea4990 
Updated recommendation.md for malformed iOS URL Schemes
@pull pull bot added the ⤵️ pull label May 15, 2024
@pull pull bot merged commit 2ea4990 into bbhunter:master May 15, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
⤵️ pull
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@RRudder