Reports in elastic program:

| S.No | Title | Bounty |
|---|---|---|
| 1 | Remote Code Execution on Cloud via latest Kibana 7.6.2 | $10000.0 |
| 2 | RCE hazard in reporting (via Chromium) | $10000.0 |
| 3 | Remote Code Execution in coming Kibana 7.7.0 | $5000.0 |
| 4 | Stored XSS in Elastic App Search | $2000.0 |
| 5 | Over-Privileged API Credentials for Elastic Agent | $1300.0 |
| 6 | Async search stores authorization headers in clear text | $1000.0 |
| 7 | Stored XSS in TSVB Visualizations Markdown Panel | $0.0 |
| 8 | Create an account on auth-sandbox.elastic.co with email @elastic.co or any other @domain.com | $0.0 |
| 9 | XXE in Enterprise Search's App Search web crawler | $0.0 |
| 10 | Improper authorization on /api/as/v1/credentials/ allows any App Search user to access all API keys and escalate privileges | $0.0 |
| 11 | Improper authorization on /api/as/v1/credentials/ for Dev Role User with Limited Engine Access | $0.0 |
| 12 | [Swiftype] - Stored XSS via document field url triggers on https://app.swiftype.com/engines/<engine>/document_types/<type>/documents/<id> | $0.0 |
| 13 | Prototype Pollution leads to XSS on https://blog.swiftype.com/#proto[asd]=alert(document.domain) | $0.0 |
| 14 | Critical \|\| Unrestricted access to private Github repos and properties of Elastic through leaked token of Elastic employee | $0.0 |
| 15 | CVE-2021-40870 on [52.204.160.31] | $0.0 |
| 16 | Fix for CVE-2021-22151 (Kibana path traversal issue) can be bypassed on Windows | $0.0 |
| 17 | CSRF in AppSearch allows creation of "curations" | $0.0 |
| 18 | Default password on 34.120.209.175 | $0.0 |
| 19 | Synthetics Recorder: Code injection when recording website with malicious content | $0.0 |
| 20 | Blind Server-Side Request Forgery (SSRF) allows scanning internal ports | $0.0 |