(cache)Avinash Kumar Yadav | Profile

Profile Badges Hacktivity

Avinash Kumar Yadav (avinash_)

Follow

Ranchi, India 🇮🇳

Joined June 2017

Stats

-

Signal

-

Percentile

-

Impact

-

Percentile

-

Reputation

-

Rank

Streak

0 months streak!

Jan

Feb

Mar

Apr

May

Jun

Jul

Aug

Sep

Oct

Nov

Dec

What is a streak?

Credits

Vulnerabilities found

Thanks received

Recent Badges

A3: Sensitive Data Exposure

October 2023

Diversity

April 2023

Swagger

July 2022

All badges

Hacktivity

HackerOne

Information Disclosure

Critical

Resolved

The /reports/:id.json endpoint discloses potentially sensitive user attributes when reporter summary is present

Bug reported by

was disclosed

6 months ago

Information Disclosure

The /reports/:id.json endpoint disclosed potentially sensitive user attributes, including the reporter's email, OTP backup codes, phone number, graphql_secret_token, and t-shirt size when a reporter summary was present. This summary was automatically generated.

Information Disclosure

Critical

Resolved

Stripe

Bug reported by

was awarded a bounty

9 months ago

DataStax

Bug reported by

was awarded a bounty

9 months ago

Coinbase

Bug reported by

was resolved

9 months ago

DataStax

Bug reported by

was resolved

9 months ago

Thanks

39 thanks received

Valid / Closed

Reputation

Rank

DataStax

12/30

386

Cloudflare Public Bug Bounty

4/19

330

Coinbase

9/41

188

HackerOne

5/67

159

Private Program

Confidential

6/6

152

Testimonials

When asked about working with avinash_ on a vulnerability submission, a private team said...

"I'm HackerOne's CISO and Chief Hacking Officer. avinash_ reported a really interesting and unusual issue to us. It required careful research and testing on their behalf, and they delivered spectacularly. We are very grateful because tooling will never a find an issue like this. Having hackers like avinash_ on our side makes us all safer!"

Some time ago