Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 327,667 coordinated disclosures
189,724 fixed vulnerabilities
399 bug bounties with 850 websites
9,153 researchers, 849 honor badges

cloud infra Bug Bounty Program

cloud infra runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of cloud infra

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between cloud infra and researchers.

Bug bounty program allow private submissions only.

Bug Bounty Scope

The following websites are within the scope of the program:

expertrec.com

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

all vulnerabilities, except smtp email as another.

Testing Requirements:

non-intrusive testing

Possible Awards:

Honorary mention

Special Notes:

drop a note to [email protected]

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  How quickly researchers get responses to their submissions.
Remediation Time  How quickly reported submissions are fixed.
Cooperation and Respect  How fairly and respectfully researchers are being treated.

  Latest Patched

 19.03.2019 kiva.org
 18.03.2019 twistys.com
 18.03.2019 bazar.bg
 18.03.2019 cvonline.lt
 18.03.2019 mynoise.net
 18.03.2019 weloveshopping.com
 18.03.2019 stileproject.com
 18.03.2019 arabstoday.net
 18.03.2019 byjus.com
 18.03.2019 bookboon.com

  Latest Blog Posts

24.02.2019 by ismailtsdln
Apple XSS Vulnerability - Proof of Concept (PoC)
24.02.2019 by ismailtsdln
How do you use an xss as a keylogger ?
23.02.2019 by ismailtsdln
Everything about XSS is in this source!
20.02.2019 by drok3r
ModSecurity - ByPass XSS
15.02.2019 by ismailtsdln
Adobe Israel Website XSS Vulnerability

  Recent Recommendations

    18 March, 2019
     DevTkd:
Thank you for your expressive vulnerability report. You do a great job. Thank you very much.
    15 March, 2019
     fkmclane:
Thanks for finding and responsibly reporting vulnerabilities in our websites and making them more secure!
    15 March, 2019
     despegar_appsec:
Nicholas found a vulnerability on one of our websites and responsibly reported it. Many thanks for letting us know.
    15 March, 2019
     stefan45863814:
Danke für den Hinweis, Armin. Es freut uns sehr, dass Du das Internet so tatkräftig zu einem besseren Ort machst.Stefan
    14 March, 2019
     CreditreformMGZ:
Lieber Armin, danke für die Meldung unserer Schwachstelle. Wir sind aktuell dabei Sicherheitslücken zu beheben - dein Hinweise hilft uns sehr dabei.