-2 upvotes, 1 direct replies (showing 1)
View submission: Announcing Reddit’s Public Bug Bounty Program Launch
On your list of example vulnerabilities, this one doesn't make sense:
Removing a moderator from a subreddit where you are not a moderator with “access” permissions.
You need full perms (+all) to remove a mod, not just access (or "Manage Users" I guess it's called now). I just checked to make sure it's still like that.
Comment by thetrombonist at 14/04/2021 at 15:22 UTC
41 upvotes, 3 direct replies
That’s why it’s listed as a possible vulnerability