Coordinated Vulnerability Disclosure (CVD) Hall of Fame
Welcome to our hall of fame where all the great bug-bounty hunters and security researchers that disclosed a vulnerability are ranked. The bigger the vulnerability (on terms of impact for the constituent), the higher the ranking. All high-impact vulnerability will also be rewarded. So can you reach the first place and help us to secure our systems even further?
Want to disclose a vulnerability? Please read the Coordinated Vulnerability Disclosure procedure provided by the constituent and file a report by using this form.
Hall of Fame
- Koen van Hove - SaaS e-mail Spoofing/Impersonation
- CondaSecurity.nl
- Michael Jones - Skype for Business Vulnerability Disclosure
- Mark Fijneman - Registration bypass, XSS and multiple IDOR's
- Khaled Selim - HTML email injection / Blind XSS in admin panel / Stored XSS / Open Redirection / Rate Limiting
- Theologos Kokkinellis - Multiple reflected XXS
- Constantin Mader - HTTP Request Smuggling - CL.TE variant + TomCat Manager Access
- Marcus Jansson - Broken Authentication / Information Disclosure
- Wouter de Vries - Multiple Open Redirects
- Alwin Warringa - SQL Injection
- Ahmad Asaad - Stored XXS
- Raunak Gupta - Stored XSS
- Niek Flipse (TheWhiteBoot) - Reflected XSS
- Shail Sandip Patel - Reflected XSS
- Harsh Maheta
- Hassan Jaleel (CEO Tricklesoft.com) - Information Disclosure
- Kent Apostol
- Vít Chramosta - Confidential Information Disclosure
- Dhruvi Pandya
- Devansh Chauhan - Session verrification
- Takshal Patel - Information Disclosure
- Jiehao Zhang - Information Disclosure