At DFRNT, we are committed to the security of our services and the protection of our customers' data and privacy. We recognize the critical role of responsible disclosure in maintaining the security of digital environments.
This page is dedicated to the recognition of security researchers who have successfully disclosed vulnerabilities responsibly relating to services provided by DFRNT. We always ask for consent before listing researcher on this page.
This page was last updated 2024-11-17. We also maintain an honorary mentions page to thank security researchers for security disclosures for issues already submitted, or that for various reasons were not accepted as per our responsible disclosure policy
- GM
Gaurang Maheta
Reported: Weak Cipher Suites in TLS 1.0
Submitted: 2024-11-17
- AR
Arya Pawar
Reported: Missing link santitization in 3rd party service
Submitted: 2024-09-08
- AP
Aditya Patel
Reported: Non-sandboxed inline iframe with 3rd party provider
Submitted: 2024-04-13
- DC
Dhanraj Chavan
Reported: Business logic flaw related to subscription flow
Submitted: 2024-02-03
- XH
xitzhacks
Reported: Open redirect in oauth logout flow, closed 3rd party vulnerability with Microsoft
Submitted: 2024-01-27
- KG
Kartik Garg
Reported: Issue with specific pages hosted by a 3rd party, Hubspot
Submitted: 2024-01-27
- PP
Pushpraj Patil
Reported: Improper error handling processing input data, closed 3rd party vulnerability with Hubspot
Submitted: 2024-01-27
- SG
Sahaj Gautam
Reported: Missing CAA record
Submitted: 2024-01-26
- SG
Sahaj Gautam
Reported: Missing Clickjacking protection
Submitted: 2024-01-21
- SG
Sahaj Gautam
Reported: Open scheme in CSP for old level 2 browsers
Submitted: 2024-01-17
Your efforts in helping us maintain a secure and trustworthy digital environment are immensely appreciated. Together, we can ensure the safety and security of our services and client data.