Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Powered by Cookieyes logo
Demo program /
Remote Code Execution - CVE 23X-DE45
+ Add tag
Report
Activity
logo
Add message
logo
Thierry Demo changed the status from
Pending
to
Accepted
9-10-2024, 10:45:00
logo
Thierry Demo [ company ]
9-10-2024, 10:44:55

We accept your vulnerability!

logo
guillaumeresearcher [ researcher ]
24-7-2024, 14:52:08

@thierry_demo Hi Thierry, yes I acknowledge. Do you want me to retest the vulnerability now?

logo
guillaumeresearcher provided the requested additional feedback
24-7-2024, 14:52:08
logo
guillaumetriage requested feedback
22-7-2024, 16:27:16

@guillaumeresearcher We have reviewed the severity, can you please acknowledge it and approve?

logo
Thierry Demo removed the tag
neil
16-7-2024, 15:38:27
Internal
logo
Thierry Demo changed the severity from
Exceptional
(9.8) to
High
(8.4)
16-7-2024, 15:27:42
logo
Thierry Demo changed the status from
Accepted
to
Pending
16-7-2024, 15:27:21
logo
Thierry Demo added the tag
neil
16-7-2024, 15:26:22
Internal
logo
guillaumeresearcher [ researcher ]
16-7-2024, 11:42:18

Great! Thanks for accepting the bounty so fast!

logo
guillaumeresearcher provided the requested additional feedback
16-7-2024, 11:42:18
logo
Thierry Demo changed the status from
Pending
to
Accepted
16-7-2024, 11:39:07
logo
Thierry Demo requested feedback
16-7-2024, 11:38:31

Hi,

Very interesting finding. It caused quite a buzz within our organization. Can I ask how you were able to discover this vulnerability? Where you able to find more vulnerable Citrix E-corp servers?

Anyway, very happy to reward you an exceptional bounty for this one! We will also include it in our awareness traingings! Very insightful!

Schermafbeelding 2021-02-26 om 17.04.16.png
{151519}
logo
Thierry Demo [ company ]
16-7-2024, 11:37:51
Internal

@triager Thanks for the heads-up! We'll have a look!

logo
Thierry Demo changed the assignee from arnetriage to Thierry Demo
16-7-2024, 11:37:22
Internal
logo
triager changed the assignee from triager to arnetriage
16-7-2024, 11:36:12
Internal
logo
triager changed the status from
Triage
to
Pending
16-7-2024, 11:36:09
logo
triager changed the assignee from 8938 to triager
16-7-2024, 11:36:00
Internal
logo
triager changed the assignee from stoffeltriage to 8938
16-7-2024, 11:35:47
Internal
logo
stoffeltriage changed the assignee from triager to stoffeltriage
16-7-2024, 11:35:29
Internal
logo
triager indicated that personal data is involved
16-7-2024, 11:07:06
logo
triager [ triage ]
16-7-2024, 11:07:00
Internal

Dear Demo Company,

We have reviewed your submission, and it appears to be a very serious PII issue. Please address this matter as soon as possible to ensure it is resolved promptly.

Thank you.

logo
triager [ triage ]
16-7-2024, 11:05:29

Hi elliot_alderson,

Thank you for your submission.

We have verified the security issue and will forward your report towards the company. They will review your submission and get back to you as soon as possible.

Happy hunting & enjoy the weekend!

Cheers,
Intigriti Triage Team

logo
triager assigned the submission to triager
16-7-2024, 11:05:04
Internal
logo
triager [ triage ]
16-7-2024, 11:04:29
deleted at 16-7-2024, 11:04:36
Internal
logo
guillaumeresearcher created the submission
16-7-2024, 11:02:35

Status:

Accepted

References

submission code
DEMO-MDBQR2HO
internal-ref

People

researcher
logo
 guillaumeresearcher
assignee
logo
Thierry Demo
participants
logo
guillaumetriage
logo
triager
logo
stoffeltriage

Payouts

total bounty
€0 / €0
total bonus
€0
Add bonus
total payout
€0

Dates

CREATED AT
16-7-2024, 11:02:35
UPDATED AT
24-7-2024, 14:52:08
DAYS IN TRIAGE
0 days
DAYS OPEN
84 days

Export submission

EXPORT