Airbnb Bug Bounty Program Statistics | BugBountyHunter.com

Airbnb Program Statistics

10 total issues disclosed

$2,500 total paid publicly

Most disclosed (3 disclosures) — Information Disclosure

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
[airbnb.com] XSS via Cookie flash	Cross-site Scripting (XSS) - Generic	bobrov	Medium	2018-04-04
[m.airbnb.com] CRLF Injection	HTTP Response Splitting	bobrov	Low	2018-04-04
Call back number not verified	Business Logic Errors	al7311	No rating	2017-07-20
Nginx Version Disclosure	Information Disclosure	lulliii	Medium	2017-03-23
████ discloses valid Airbnb SSO login names via Google Search Results	Information Disclosure	aesteral	No rating	2016-10-09
authenticity_token is not random across page loads	Cross-Site Request Forgery (CSRF)	alokmenghrajani	No rating	2015-08-13
I Can Delete Any Airbnb Users Symbol!	Improper Authentication - Generic	faisalahmed	No rating	2015-07-04
SSL Issues	Cryptographic Issues - Generic	ruisilva	No rating	2015-04-11
Vulnerability type xss uncovered in airbnb.es	Cross-site Scripting (XSS) - Generic	hykatza	No rating	2015-04-08
Generating Unlimited Free Travel Gift Invites \| IDOR	Information Disclosure	shamrocksu88	No rating	2015-04-04