๐ HackerOne: program_analytics_benchmarks query shows information not visible in public
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Summary: program_analytics_benchmarks is displaying information i don't see yet in public profile of a program. Description: I tried querying program_analytics_benchmarks for the program security and โโโโโโ and it showing information i cannot find in public profile especially in โโโโโโโ Steps To Reproduce Please try the graphql for the the program security and โโโโโโโโ ``` { program_analytics_benchmarks(teams:"security" select:p50_time_to_bounty, from:response_targets, where:{severity:{is_null:true}},group:week_bounty_awarded_at, start_date:"2019-10-01T00:00:00.000Z",end_date:"2020-10-01T00:00:00.000Z%00") { id x y } } ``` Please see the attached file for the actual response Optional: Supporting Material/References (Screenshots) โโโ โโโ * I saved this graphql query and been trying to run this for a month now and i just noticed now that it's returning some information. Impact Information... ...