Hyatt Hotels

target_in_scope

| asset_identifier | asset_type | availability requirement | confidentiality requirement | eligible for bounty | eligible for submission | integrity requirement | max_severity |
|---|---|---|---|---|---|---|---|
| 476639005 | APPLE_STORE_APP_ID | high | high | | | high | critical |
| com.Hyatt | GOOGLE_PLAY_APP_ID | high | high | | | high | critical |
| hyatt.com | URL | high | high | | | high | critical |
| world.hyatt.com | URL | high | high | | | high | critical |
| www.hyatt.com | URL | high | high | | | high | critical |
| assets.hyatt.com | URL | high | high | | | high | critical |
| 140.95.0.0/16 | CIDR | high | high | | | high | critical |
| 213.139.133.32/28 | CIDR | high | high | | | high | critical |
| newsroom.images.hyatt.com | URL | low | low | | | low | medium |
| https://www.hyatt.com/en-US/payment/details | URL | high | high | | | high | critical |
| salesportal.hyatt.com | URL | high | high | | | high | critical |
| meetings.hyatt.com | URL | high | high | | | high | critical |
| ebsext.oft.hyatt.com | URL | high | high | | | high | critical |
| mobileapp.hyatt.com | URL | high | high | | | high | critical |
| plannerrequest.hyatt.com | URL | | | | | | critical |
| public.hyatt.com | URL | high | high | | | high | critical |
| roominglist.hyatt.com | URL | high | high | | | high | critical |
| soaext.oft.hyatt.com | URL | high | high | | | high | critical |
| sso.oft.hyatt.com | URL | high | high | | | high | critical |
| upsell.hyatt.com | URL | high | high | | | high | critical |

Note for assets.hyatt.com: We are adding this subdomain to our program because our main domain pulls images and other assets from this site.

Note for newsroom.images.hyatt.com: Only test newsroom.images.hyatt.com; newsroom.hyatt.com is not hosted by Hyatt (do not test).

Note for https://www.hyatt.com/en-US/payment/details:

# To test the dark deployed payment page, follow these instructions:

## 1. Test Account Requirements

### Create World of Hyatt test accounts or complete reservations to these specifications:

* First name: <HackerOne handle> (for multiple accounts: <handle>one, <handle>two, etc.).
* Last name: "**Test**".

## 2. Reservation Requirements

### All testing reservations must follow these rules:

* Test bookings should be made **four months** into the future at a minimum.
* All test bookings should be canceled **as soon as possible**.
* Do not book New York City or Chicago properties for testing purposes.
* If possible, add "HackerOne" to the comments of bookings.

## 3. Access the dark deployed payment page

### Add a cookie to your page by running this command in the JavaScript development console of your browser:

* document.cookie = "bookPaymentVrid=true; path=/; domain=hyatt.com"
* Run a search and continue to the payment page, where you are able to enter new credit cards.
* You can verify you are on the correct page because the URL will contain /payment/details (the old page has /book/payment).

target_out_of_scope

| asset_identifier | asset_type | availability requirement | confidentiality requirement | eligible for bounty | eligible for submission | integrity requirement | max_severity |
|---|---|---|---|---|---|---|---|