Jesse Powell (@jespow) · Aug 29, 2020
$1750 for RCE in @SlackHQ. Seems a bit cheap for a $17b company with 12.5m concurrent users. This would earn 100x at @krakenfx’s bug bounty program. As a user, such weak bounties don’t give me confidence that you are investing in and value security.
Linked page (hackerone.com): "Slack disclosed on HackerOne: Remote Code Execution in Slack..." Preview: "# Summary With any in-app redirect - logic/open redirect, HTML or javascript injection it's possible to execute arbitrary code within Slack desktop apps. This report demonstrates a specifically..."
Parsia (@CryptoGangsta) · Aug 31, 2020
100x as in you would have paid $175000 for RCE in your desktop app? But you do not have a desktop app.
Jesse Powell (@jespow) · 4:34 AM · Aug 31, 2020
Replying to @CryptoGangsta @SlackHQ and @krakenfx
Any app. You can get the Desktop app here:
Linked page (cryptowat.ch): "Cryptowatch Desktop: Use our high-performance native desktop application to track the markets in real-time on your own custom dashboards"