Reports in chaturbate program:

S.No | Title | Bounty
-----|-------|-------
1 | Reflected XSS on secure.chaturbate.com | $800.0
2 | Rate limit missing at room login | $500.0
3 | Stored XSS in chat topic due to insecure emoticon parsing on any message type | $450.0
4 | DoS attacks utilizing camo.stream.highwebmedia.com | $400.0
5 | [chatws25.stream.highwebmedia.com] - Reflected XSS in c parameter | $350.0
6 | [chaturbate.com] - CSRF Vulnerability on image upload | $300.0
7 | CSRF in cancel group and private show requests | $300.0
8 | Open redirect in securegatewayaccess.com / secure.chaturbate.com via prejoin_data parameter | $250.0
9 | CSRF in REPORT EMOTICON feature | $250.0
10 | Stats Token doesn't expire after deactivating account | $250.0
11 | Open redirect on chaturbate.com (tipping/purchase_success) | $250.0
12 | Unrestricted POST request size on roomlogin endpoint | $200.0
13 | View Failed Approval and Pending videos other users | $200.0
14 | Private and group tokens per minute endpoint active for disabled users | $150.0
15 | CSRF in "send them an email and browser notification" feature | $150.0
16 | Bypass subdomain limits using race condition | $100.0
17 | Stored XSS on chaturbate.com (wish list) | $100.0
18 | Account Takeover via billing | $0.0
19 | Reflected XSS on ssl-ccstatic.highwebmedia.com via player.swf | $0.0
20 | Stored XSS against all Chaturbate users using an application name | $0.0
21 | CSS Injection on /embed/ via bgcolor parameter leaks user's CSRF token and allows for XSS | $0.0
22 | Blind SSRF on image proxy camo.stream.highwebmedia.com | $0.0
23 | CSV Injection with the CSV export feature | $0.0
24 | Homograph attack on redirect URL (https://chaturbate.com/external_link/?url) | $0.0
25 | Web cache deception attack - expose token information | $0.0
26 | Login form on non-HTTPS page on http://stream.highwebmedia.com/auth/login/ | $0.0
27 | Forget password link not expiring after email change. | $0.0
28 | Users may still able to view chat room panel of password protected rooms | $0.0
29 | Leaking Username and Password in the URLs via Virustotal, can leads to account takeover | $0.0
30 | Password protected rooms total number of viewers disclosure to unauthorized members | $0.0
31 | A 10GB file is reachable | $0.0
32 | Internal loop going to infinite for cb.setTimeout(func, msecs) for broadcast app. | $0.0
33 | Cross-origin resource sharing: arbitrary origin trusted on chatws25.stream.highwebmedia.com | $0.0
34 | CSRF on change video thumbnail at https://chaturbate.com | $0.0
35 | Missing Rate Limitation at /apps/upload_app/ | $0.0
36 | Missing CSRF Protection in /stats EndPoint. | $0.0
37 | No rate limiting in starting up a bot. | $0.0
38 | No rate limiting in changing room subject. | $0.0
39 | Update Chat Allowed By Option ( without age verification ) | $0.0
40 | No rate limit in stats api token endpoint | $0.0
41 | No rate limit in affiliate statsapi endpoint | $0.0
42 | Homograph attack on redirect URL | $0.0
43 | Add non-existent room moderator | $0.0
44 | Blind SSRF at https://chaturbate.com/notifications/update_push/ | $0.0
45 | Open redirection at https://chaturbate.com/auth/login/ | $0.0
46 | Chaturbate "/chat_ignore_list/" endpoint does not check for Account status: Disabled before adding Ignore via POST | $0.0
47 | Passive stored XSS at broadcast room | $0.0
48 | Missing Rate Limitation at /photo_videos/photoset/create | $0.0
49 | Form Replay in customer information form | $0.0
50 | Unrestricted POST request size on /customer_support/information_form/ endpoint | $0.0
51 | The auto login link does not expire on changing email id | $0.0
52 | Camo Image Proxy Bypass with CSS Escape Sequences | $0.0