It's been almost three years since my last bug bounty write-up. Sorry for that; I will try to share more things that I believe could be of use to the community from now on. About the bug Some time ago...
Trello offers plugins to improve the overall experience when using a board. These plugins are called power-ups and can be enabled in the board settings. For instance, there is a GitHub power-up that allows you to attach commits, branches or issues...
As you may know, an ImageMagick vulnerability has recently been disclosed following the research of Stewie and Nikolay Ermishkin (you can read more on the dedicated website). The vulnerability appears when ImageMagick is used to convert an image from one...
As you may know, you can upload a picture to paypal.com. Until recently this picture was pretty useless, but now it is displayed on your PayPal public page. PayPal.me is a public page linked to your PayPal account...
We were in a meeting with some friends when one of them moved a card on the project's board. On my screen the card moved instantaneously. Quite impressed, I was wondering which technology was used to have this kind of...
This bug has been partially disclosed by Trello. This blog post gives additional information about the bug. Trello offers a great API called webhook. It allows you to set a webhook on a Model such as a board, a card or...
You can't use special chars in a domain name; a DNS server would not understand them. You are limited to the set of alphanumeric ASCII characters (a-z, A-Z, 0-9). Now let's say that we are living in Russia, the Cyrillic...