Day 40 comes with JWT attacks and XSS based on POST request!
Day 39 comes with Android vulnerabilities, a curious report about CRLF and Stored XSS, and a weekly report with bugs.
Day 38 comes with some rest after a week with couple reports. Tomorrow monday we’ll see how they got solved, they still in triaged ! Besides that a write up ...
Day 37 comes with more XSS escalation by PDF generation and database credential leakage!
Day 36 comes with a resource related to server misconfigurations and a pretty simple SQL injection found on MEGA.NZ by Naresh LamGade