Updated Security.md

yogeshojha · May 22, 2022 · 72a5fb2 · 72a5fb2
1 parent 669a93e
commit 72a5fb2
Showing 1 changed file with 24 additions and 5 deletions.
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -28,15 +28,34 @@ Please find the [FAQ](https://www.huntr.dev/faq) and [Responsible disclosure pol
 
 Thanks to these individuals for reporting Security Issues in reNgine.
 
-* [Stored XSS](https://github.com/yogeshojha/rengine/issues/178) on Detail Scan Page via Page Title Parameter, Reported by [omemishra](https://github.com/omemishra)
+### 2022
 
-* [Stored XSS](https://github.com/yogeshojha/rengine/issues/347) on Vulnerability Scan page via URL Parameter, Reported by [Arif Khan, payloadartist](https://twitter.com/payloadartist)
+* [LOW] [Stored XSS](https://huntr.dev/bounties/dfd440ba-4330-413c-8b21-a3d8bf02a67e/) on Import Targets via filename, Reported by [Veeshraj Ghimire](https://github.com/V35HR4J)
 
-* Several Instances of XSS in reNgine 1.0 (#460, #459, #458, #457, #456, #455), Reported by [Binit Ghimire](https://github.com/TheBinitGhimire)
+* [LOW] [Stored XSS](https://huntr.dev/bounties/8ea5d3a6-f857-45e4-9473-e4d9cb8f7c77/) on HackerOne Markdown template, Reported by [Smaran Chand](https://github.com/smaranchand) and [Ayoub Elaich](https://github.com/sicks3c)
+
+* [LOW] [Stored XSS](https://huntr.dev/bounties/6e2b7f19-d457-4e05-b2d5-888110898147/) via Scan Engine Name, Reported by [nerrorsec](https://github.com/nerrorsec)
+
+* [LOW] [HTML Injection](https://huntr.dev/bounties/da2d32a1-8faf-453d-8fa8-c264fd8d7806/) in Subscan, Reported by [nerrorsec](https://github.com/nerrorsec)
+
+### 2021
+* [LOW] [Stored XSS](https://github.com/yogeshojha/rengine/issues/178) on Detail Scan Page via Page Title Parameter, Reported by [omemishra](https://github.com/omemishra)
+
+* [LOW] [Stored XSS](https://github.com/yogeshojha/rengine/issues/347) on Vulnerability Scan page via URL Parameter, Reported by [Arif Khan, payloadartist](https://twitter.com/payloadartist)
+
+* [LOW] Several Instances of XSS in reNgine 1.0 (#460, #459, #458, #457, #456, #455), Reported by [Binit Ghimire](https://github.com/TheBinitGhimire)
+
+* [LOW] [Stored XSS](https://huntr.dev/bounties/ac07ae2a-1335-4dca-8d55-64adf720bafb/) on GF Pattern via filename, Reported by [nerrorsec](https://github.com/nerrorsec)
+
+* [LOW] [Stored XSS](https://huntr.dev/bounties/0f8de2a4-7590-48f1-a5af-1e2cab9f6e85/) on Delete Scheduled Task via Scan Engine Name, Reported by [nerrorsec](https://github.com/nerrorsec)
+
+* [LOW] [Stored XSS](https://huntr.dev/bounties/693a7d23-c5d4-448e-bbf6-50b3f0ad8544/) on Target Summary via Todo, Reported by [TheLabda](https://github.com/thelabda)
+
+* [LOW] [Stored XSS](https://huntr.dev/bounties/81c48a07-9cb8-4da8-babc-28a4076a5e92/) on Nuclei Template Summary via maliclous Nuclei Template, Reported by [Walleson Moura](https://github.com/phor3nsic)
+
+* [MEDIUM] [Path Traversal/LFI](https://huntr.dev/bounties/5df1a485-7a1e-411d-9664-0f4343e8512a/), reported by [Koen Molenaar](https://github.com/k0enm)
 
-* [Stored XSS](https://huntr.dev/bounties/dfd440ba-4330-413c-8b21-a3d8bf02a67e/) on Import Targets via filename, Reported by [Veeshraj Ghimire](https://github.com/V35HR4J)
 
-* [Stored XSS](https://huntr.dev/bounties/8ea5d3a6-f857-45e4-9473-e4d9cb8f7c77/) on HackerOne Markdown template, Reported by [Smaran Chand](https://github.com/smaranchand) and [Ayoub Elaich](https://github.com/sicks3c)