We would like to thank the following individuals for their responsible security disclosures.
| Reporter | Issue | Date Reported | Status |
|---|---|---|---|
| Harishwar | Clickjacking vulnerability affecting pages on multiple sales websites | April 2025 | Fixed |
| Mudassir Aijaz | Session not expiring on password change across browsers/computers | July 2025 | Fixed |
| Parth Narula | Stored XSS in First Name field and cache control issue on registration and account pages | August 2025 | Fixed |
| Vaibhav Jain | Hyperlink Injection Vulnerability Bypass at Signups | August 2025 | Fixed |
| Shivang Singhal | Improper Cache Control | August 2025 | Fixed |
| Team-DisclosureX Cybrgen | Possible denial of service when entering a long password | August 2025 | Fixed |
Are you the first? Read our disclosure policy →