Reports in imgur program: S.No Title Bounty 1 Unauthenticated Docker registry $0.0 2 Stored XSS in albums on http://m.imgur.com/ $0.0 3 Stored xss in ALBUM DESCRIPTION $0.0 4 Remote Code Execution on Git.imgur-dev.com $0.0 5 RCE by command line argument injection to gm convert in /edit/process?a=crop $0.0 6 Login to any user account using other facebook app access token $0.0 7 Information disclosure (No rate limting in forgot password & other login) $0.0 8 Reflected XSS in m.imgur.com $0.0 9 Go.imgur.com can be used to phish for account information $0.0 10 Ability to login to the Nexus Repo Manager from https://nexus.imgur.com/ $0.0 11 Stored XSS on imgur profile $0.0 12 BUG XSS IN "ADD IMAGES" $0.0 13 CSRF leads to a stored self xss $0.0 14 Xss on community.imgur.com $0.0 15 Password Reset Link not expiring after changing the email Leads To Account Takeover $0.0 16 De-anonymization Attack: Cross Site Information Leakage $0.0 17 Sourcemaps and Unminified Source Code Exposed on Pages $0.0 18 SSRF in imgur video GIF conversion $0.0 19 Stored XSS in Post title (PoC) $0.0 20 self-xss with ClickJacking can leads to account takeover in Firefox $0.0 21 Bypass subscription $0.0 22 HTML Injection with XSS possible $0.0 23 xss reflected on imgur.com $0.0 24 No length on password $0.0 25 8ybhy85kld9zp9xf84x6.imgur.com Subdomain Takeover $0.0