Coursera Program Statistics

View program

6 total issues disclosed

$0 total paid publicly

Most disclosed (2 disclosures) — Cross-site Scripting (XSS) - Generic

Disclosed Reports

Report Title Vulnerability Type Disclosed By Severity Disclosed on
No Password Verification on Changing Email Address Cause Account takeover Violation of Secure Design Principles nohack Medium 2018-05-19
[www.coursera.org] Leaking password reset link on referrer header Violation of Secure Design Principles flex0geek None 2018-02-14
XSS Stored Cross-site Scripting (XSS) - Generic pain_ Medium 2018-01-12
Stored XSS via transloadit.com and imageproxy Cross-site Scripting (XSS) - Stored c0rdis High 2017-11-30
XSS in https://www.coursera.org/courses/ Cross-site Scripting (XSS) - Generic secalert No rating 2016-09-14
Broken authentication and session management flaw Improper Authentication - Generic babayaga_ No rating 2016-08-18