Top Web Cache reports from HackerOne:
- DoS on PayPal via web cache poisoning to PayPal - 820 upvotes, $9700
- Web cache poisoning attack leads to user information and more to Postmates - 343 upvotes, $500
- Web Cache Poisoning leads to Stored XSS to Glassdoor - 111 upvotes, $0
- Defacement of catalog.data.gov via web cache poisoning to stored DOMXSS to GSA Bounty - 80 upvotes, $750
- https://themes.shopify.com::: Host header web cache poisoning lead to DoS to Shopify - 73 upvotes, $2900
- web cache deception in https://tradus.com lead to name/user_id enumeration and other info to OLX - 61 upvotes, $0
- Web Cache Poisoning leads to XSS and DoS to Glassdoor - 59 upvotes, $0
- CSRF-tokens on pages without no-cache headers, resulting in ATO when using CloudFlare proxy (Web Cache Deception) to Discourse - 51 upvotes, $0
- Web Cache Deception to Glassdoor - 51 upvotes, $0
- Web cache deception attack on https://open.vanillaforums.com/messages/all to Vanilla - 47 upvotes, $150
- [https://www.glassdoor.com] - Web Cache Deception Leads to gdtoken Disclosure to Glassdoor - 47 upvotes, $0
- Web Cache Deception Attack (XSS) to Discourse - 36 upvotes, $256
- Web cache poisoning leads to disclosure of CSRF token and sensitive information to Smule - 35 upvotes, $0
- Web Cache Deception vulnerability on algolia.com leads to personal information leakage to Algolia - 34 upvotes, $400
- Web Cache Poisoning on █████ to U.S. Dept Of Defense - 33 upvotes, $0
- Web Cache poisoning attack leads to User information Disclosure and more to Lyst - 30 upvotes, $0
- Shopify.com Web Cache Deception vulnerability leads to personal information and CSRF tokens leakage to Shopify - 29 upvotes, $800
- Web cache information leakage at sbermarket.ru to Mail.ru - 22 upvotes, $400
- https://help.nextcloud.com::: Web cache poisoning attack to Nextcloud - 22 upvotes, $0
- [*.rocketbank.ru] Web Cache Deception & XSS to QIWI - 21 upvotes, $0
- Web Cache Deception Attack (XSS) to Algolia - 21 upvotes, $0
- HTTP request smuggling on Basecamp 2 allows web cache poisoning to Basecamp - 20 upvotes, $1700
- Web Cache Poisoning to Mail.ru - 17 upvotes, $0
- Web cache poisoning at www.acronis.com to Acronis - 17 upvotes, $0
- Web cache deception attack - expose token information to Chaturbate - 15 upvotes, $0
- Web Cache Poisoning leading to DoS to U.S. General Services Administration - 15 upvotes, $0
- Several domains on kaspersky.com are vulnerable to Web Cache Deception attack to Kaspersky - 14 upvotes, $0
- [okmedia.insideok.ru] Web Cache Poisoing & XSS to ok.ru - 13 upvotes, $0
- Information Leakage via TikTok Ads Web Cache Deception to TikTok - 11 upvotes, $0
- Web cache deception attack - expose earning state information to Semrush - 3 upvotes, $0