{"uuid": "d6495c66-c7ee-454d-8c3e-e2fe503ef5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29455", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/800", "content": "#BugBountyTips of the Day\n2FA Bypass Testing ( Method 12 )  ==> #WayToInject  => Try To Use SOAP Endpoint To Bypass 2FA.  #CipherEra #VedixEra #AlphaEraX #bugbounty #bugbountytips #redteam #offensivesecurity #cybersecuritytips #cybersecurity  https://t.co/cMCiLKm0tg\n---\n$5000 bounty Today is different, I\u2019m the GOAT of this game  #bugbounty @Bugcrowd  https://t.co/2dgbsqs9d5\n---\nMSRC took over 4 months to fix the root cause, and awarded this issue a $60,000 #BugBounty.  So\u2026 What were the key mistakes? (9/11)\n---\nNormal Localhost for most server lives at 127.0.0.1 but if you find AWS Ec2 Instance and want to try #SSRF then try 169.254.169.254 because this is AWS Localhost.  Normal Server: 127.0.0.1 AWS EC2 Instance:169.254.169.254  #bugbountytips #aws #cybersecurity\n---\nI create a custom nuclei template for mass hunting recent CVE-2022-29455(XSS) #bugbounty #nuclei  https://t.co/uMC9ldy3CJ", "creation_timestamp": "2022-06-15T13:37:05.000000Z"}