Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
BugBountyHunter Membership
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles General Motors Program Statistics
18 total issues disclosed
$0 total paid publicly
Most disclosed (12 disclosures) — Cross-site Scripting (XSS) - Generic
Disclosed Reports
| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Reflected Cross Site Script in www.gmcar.gm.com | Cross-site Scripting (XSS) - Generic | adrianomarcmont | No rating | 2017-06-09 |
| Reflected Cross Site Script in imtportal.gm.com | Cross-site Scripting (XSS) - Generic | adrianomarcmont | No rating | 2017-06-09 |
| XSS Vulnerability in developer.gm.com | Cross-site Scripting (XSS) - Generic | ddworken | No rating | 2017-06-09 |
| Content Spoof in opel.es.wpsegment2.gm.com | Violation of Secure Design Principles | adrianomarcmont | No rating | 2017-06-09 |
| Angular Expression Injection in the my.gmc.com Search Page | Information Disclosure | signalchaos | No rating | 2017-06-09 |
| Reflected XSS and something more Store XSS too | Cross-site Scripting (XSS) - Generic | secdoor | No rating | 2017-06-09 |
| IE search XSS | Cross-site Scripting (XSS) - Generic | s_p_q_r | No rating | 2017-06-09 |
| Flash XSS on global nav | Cross-site Scripting (XSS) - Generic | mystech7 | No rating | 2017-06-09 |
| Flash XSS on homepage fliptilescroller | Cross-site Scripting (XSS) - Generic | mystech7 | None | 2017-06-06 |
| Flash XSS on Buick_RotatingMasthead_JellyBeanSlider.swf | Cross-site Scripting (XSS) - Generic | mystech7 | Medium | 2017-06-05 |
| XSS in GM | Cross-site Scripting (XSS) - Generic | koolacac | No rating | 2016-08-30 |
| gmmovinparts.com SQLi via forgot_password.jsp | SQL Injection | meals | No rating | 2016-08-30 |
| refelected Xss on https://gmid.gm.com/gmid/jsp/GMIDInitialLogin.jsp | Cross-site Scripting (XSS) - Generic | d1pakda5 | No rating | 2016-08-30 |
| Content Spoof in webcaps.ecomm.gm.com | Violation of Secure Design Principles | adrianomarcmont | No rating | 2016-08-30 |
| Reflected Cross Site Script in m.chevrolet.com.wpsegment5.gm.com | Cross-site Scripting (XSS) - Generic | adrianomarcmont | No rating | 2016-08-30 |
| Full Path Disclosure on gmchat.gm.com | Information Disclosure | rmashhoon | No rating | 2016-05-23 |
| XSS on gmchat.gm.com | Cross-site Scripting (XSS) - Generic | rmashhoon | No rating | 2016-05-23 |
| E-mail Spoof in media.gm.com | Violation of Secure Design Principles | adrianomarcmont | No rating | 2016-05-23 |