Evernote Bug Bounty Program Statistics | BugBountyHunter.com

Evernote Program Statistics

7 total issues disclosed

$5,450 total paid publicly

Most disclosed (2 disclosures) — None supplied

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
[34.96.80.155] Server Logs Disclosure lead to Information Leakage	Privilege Escalation	huntinex	Low	2021-12-09
Full read SSRF in www.evernote.com that can leak aws metadata and local file inclusion	Server-Side Request Forgery (SSRF)	neolexsecurity	Critical	2021-12-06
CSRF leads to account deactivation of users	None supplied	sampritdas	Medium	2021-10-19
Non-production Open Database In Combination With XXE Leads To SSRF	XML External Entities (XXE)	kaulse	Critical	2020-10-27
One Click Code Execution via File	Execution with Unnecessary Privileges	ajdumanhug	High	2020-03-24
One Click Code Execution via File	Execution with Unnecessary Privileges	ajdumanhug	High	2020-03-24
Wormable stored XSS in www.evernote.com	None supplied	jobert	High	2018-08-21