Skip to content

issues Search Results · language:Dune language:Python language:JavaScript language:JavaScript linked:pr language:HTML

Filter by

4.8M results  (383 ms)

4.8M results

SecureBananaLabs/bug-bounty
[LHF] Validate payment creation requests

Parent bounty: #743 Description The payment controller passes the raw request body directly to the payment service, so malformed or missing payment fields are accepted before any schema validation. ...
  • minorstep
  • Opened 
    1 minute ago
  • #4500

SecureBananaLabs/bug-bounty
[LHF] Prevent public self-registration as admin

Parent bounty: #743 Description The public registration schema allows the admin role. This lets an arbitrary registrant request administrator privileges from the client-controlled request body. Affected ...
  • minorstep
  • Opened 
    1 minute ago
  • #4499

SecureBananaLabs/bug-bounty
[LHF] Remove hardcoded JWT secret fallback

Parent bounty: #743 Description The API configuration falls back to development-secret when JWT_SECRET is not set. If this fallback reaches production, anyone who knows the default can forge valid JWTs. ...
  • minorstep
  • Opened 
    1 minute ago
  • #4498

usebruno/bruno
Open response body URLs as transient requests

I have checked the following: - [x] I ve searched existing issues and found nothing related to my issue. This feature - [ ] blocks me from using Bruno - [x] would improve my quality of life in ...
enhancement
  • jessejamesblack
  • Opened 
    4 minutes ago
  • #8188

SecureBananaLabs/bug-bounty
Registration token subject should match returned user id

Parent Algora bounty: #743 Problem registerUser() currently generates the response id and the JWT sub with separate Date.now() calls: id: `usr_${Date.now()}`, token: signAccessToken({ sub: `usr_${Date.now()}`, ...
  • taherdhanera
  • 1
  • Opened 
    5 minutes ago
  • #4495

amaster1029-rgb/Alireza
we should call out that organic sugar comes from India AND Philippines

bug
  • amaster1029-rgb
  • Opened 
    6 minutes ago
  • #1

OhMyGuus/I-Still-Dont-Care-About-Cookies
[REQ] www.biznis-akademija.com

Someone reported anonymously: Website URL https://www.biznis-akademija.com What browser are u using? Firefox 151.0 Version 1.1.9 Issue type General Notes Cookies keep showing
Anonymous request
V1.1.9
Website request
  • OhMyGuus-Bot
  • 1
  • Opened 
    8 minutes ago
  • #24861

autumngarage/conductor
Cursor delegation rule drifts from canonical review command

Generated Conductor integration blocks disagree on the review command. AGENTS.md/GEMINI.md use the canonical semantic form:\n\n conductor ask --kind review --base ref --brief-file /tmp/review.md\n\nBut ...
  • henrymodisett
  • 1
  • Opened 
    8 minutes ago
  • #523

SecureBananaLabs/bug-bounty
Payment creation should require authentication

Bug POST /api/payments allows unauthenticated callers to create payment intents. Impact Payment creation is a sensitive write operation. Without authentication, anonymous callers can hit the payment ...
  • amantidesigns
  • Opened 
    9 minutes ago
  • #4493

maurodoglio/amadeus
Add composition mechanic — collect notes to form Mozart melodies

Add a mechanic where Mozart collects scattered musical notes that form actual Mozart melodies. Completing a phrase plays it back and rewards the player. Mechanic design: - Floating note collectibles ...
enhancement
  • maurodoglio
  • Opened 
    9 minutes ago
  • #43
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.