Acknowledgments
At Seznam, security is a priority. We recognize and appreciate the individuals who have helped make Seznam safer by reporting vulnerabilities. The following list acknowledges those who have responsibly disclosed vulnerabilities to us:
- (24-01-2025) Jaroslav Kotík - Email Spoofing (reward: 20 000 CZK after bounty split)
- (24-01-2025) Adam Hlavica - Email Spoofing (reward: 20 000 CZK after bounty split)
- (23-09-2024) Marek Tóth - 2FA Bypass and Blind XSS Vulnerability (reward: 25 000 CZK)
- (20-08-2024) Marek Tóth - Multiple Authentication Bypass and Stored XSS Vulnerabilities (reward: 150 000 CZK)
- (10-08-2024) Pushkar Nandwalkar - HTML Injection (reward: 3 000 CZK + bonus)
- (31-05-2024) Prokop Schovanec - DOM-based XSS (reward: 11 000 CZK)
- (29-04-2024) David Nechuta - Multiple Reflected XSS Vulnerabilities (reward: 16 000 CZK)
- (04-04-2024) Martin Řepa - Multiple Information Disclosure and XSS Vulnerabilities (reward: 30 000 CZK)
- (21-11-2023) Jan Oupický - User Enumeration with Partial Disclosure (reward: 7 000 CZK after bounty split)
- (30-10-2023) Petr Paroubek - 1-Click Reflected XSS (reward: 10 000 CZK + bonus)
- (20-09-2023) Ondřej Cach - Phishing on Trustworthy Sandbox Domain via Stored XSS (reward: 4 000 CZK + bonus)
- (18-01-2023) Marek Tóth - Multiple Session Hijacking Vulnerabilities (reward: 35 000 CZK)
- (01-10-2020) Marek Tóth - Multiple Reflected XSS
- (17-06-2020) Marek Tóth - Reflected XSS
- (09-06-2020) Marek Tóth - Session Hijacking via CORS Misconfiguration