Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
1,008,572 coordinated disclosures
630,354 fixed vulnerabilities
1,352 bug bounty programs, 2,708 websites
23,448 researchers, 1,317 honor badges

infoclimat.fr Bug Bounty Program

infoclimat.fr runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of infoclimat.fr

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between infoclimat.fr and researchers.

Bug bounty program allow private and public submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

infoclimat.fr

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

all kind of vulnerabilities can be submitted

Testing Requirements:

no restriction in the way vulnerabilities are found
Please be kind with the number of requests per second.

Possible Awards:

we are a non-profit organization with not much budget and all volunteers, so can't guarantee a reward, but can for sure recommend the researcher, or provide some financial support depending on the extend of the vulnerability

Other Submissions Handling

Website owner want to receive information about other vulnerabilities

Notifications:

[email protected]

General Requirements:

all kind of vulnerabilities can be submitted

Testing Requirements:

no restriction in the way vulnerabilities are found
Please be kind with the number of requests per second.

Possible Awards:

we are a non-profit organization with not much budget and all volunteers, so can't guarantee a reward, but can for sure recommend the researcher, or provide some financial support depending on the extend of the vulnerability

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

No comments so far.

  Latest Patched

 24.06.2021 meteociel.fr
 23.06.2021 itworld.co.kr
 23.06.2021 emmys.com
 23.06.2021 digitaljournal.com
 23.06.2021 royaloakindia.com
 22.06.2021 landesmuseen.sh
 22.06.2021 stylicy.com
 22.06.2021 wordplays.com
 22.06.2021 sallybeauty.com
 22.06.2021 classtools.net

  Latest Blog Posts

25.05.2021 by 0xrocky
Google XSS Game
25.05.2021 by ShivanshMalik12
Testing for XSS (Cross Site Scripting)
25.05.2021 by darklotuskdb
Easy XSS On Mostly Educational Websites Via Moodle
25.04.2021 by ParanjpeSanmarg
Testing Subdomain Takeover Vulnerability
11.04.2021 by Open Bug Bounty
Better Notifications Mechanism

  Recent Recommendations

@Xupypr13     23 June, 2021
    Twitter Xupypr13:
Nagashree found a vulnerabilities on our web resource and acted ethically by reporting it to us, as well as providing the information we needed to reproduce the issue.

Thank you for pointing this out!
@darione90     19 June, 2021
    Twitter darione90:
Many thanks to garlet_marco for finding an XSS vulnerability on our website!
@RyanBoehm12     16 June, 2021
    Twitter RyanBoehm12:
Vighnesh Gupta was professional, considerate, and thorough in helping us resolve a security flaw on our website. He communicated with in a timely manner, and provided all necessary support to fix the issue. I highly recommend him.
@rus_cert     16 June, 2021
    Twitter rus_cert:
Thanks for informing us about the vulnerability and providing helpful details :-)
@Cyber91998806     16 June, 2021
    Twitter Cyber91998806:
He responded to my mails quickly and helped us how to fix the vulnerability in a professional way. I recommended this guy.