HackerOne rewards bughunter who found critical security hole in... HackerOne

“Vulnerability-reporting platform HackerOne has come clean about a critical security flaw on its own website that could be used to expose the email addresses of users. A researcher going by the name of “msdian7” revealed how an attacker could exploit the site’s project invite feature to uncover the email addresses of other users”

Source : HackerOne rewards bughunter who found critical security hole in… HackerOne