Open Bug Bounty selected among the
Top 5 Bug Bounty programs to watch
in 2021 by The Hacker News

For security researchers
Report a Vulnerability
Submit, help fixing, get kudos.
For website owners
Start a Bug Bounty
Run your bounty program for free.
976,955 coordinated disclosures
615,425 fixed vulnerabilities
1,324 bug bounty programs, 2,655 websites
22,824 researchers, 1,310 honor badges

stroel Bug Bounty Program

stroel runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of stroel

Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between stroel and researchers.

Bug bounty program allow private and public submissions.

Bug Bounty Scope

The following websites are within the scope of the program:

outdoorcanvas.co.uk

Non-Intrusive Submissions Handling

The following section encompasses submission of the vulnerabilities that do not require intrusive testing as per Open Bug Bounty rules:

- Cross Site Scripting (XSS)
- Open Redirect

- Cross Site Request Forgery (CSRF)
- Improper Access Control

General Requirements:

I have no idea what to fill in here. I have received a notification that my site possibly has a XSS issue. So I want to find out where this happens and how I should fix it.

Testing Requirements:

I have no idea what to fill in here. I have received a notification that my site possibly has a XSS issue. So I want to find out where this happens and how I should fix it.

Possible Awards:

I big thank you for making our website secure!

Community Rating

Provided by security researchers who reported security vulnerabilities via this bug bounty program:

 
Response Time  Information How quickly researchers get responses to their submissions.
Remediation Time  Information How quickly reported submissions are fixed.
Cooperation and Respect  Information How fairly and respectfully researchers are being treated.

Researcher's comments

Alejandroarias     26 April, 2021
    Alejandroarias:
good evening
I have found a vulnerability that affects your website and I can not report it in openbugbounty, can you provide me your email so I can inform you thank you.

  Latest Patched

 18.05.2021 bancodevenezuela.com
 18.05.2021 weglot.com
 18.05.2021 hjcp77.me
 18.05.2021 www2.cdc.gov
 18.05.2021 world68.com
 17.05.2021 freewebsubmission.com
 17.05.2021 aihami.com
 17.05.2021 lacentrale.fr
 17.05.2021 ces.tech
 17.05.2021 uniapp.me

  Latest Blog Posts

25.04.2021 by ParanjpeSanmarg
Testing Subdomain Takeover Vulnerability
11.04.2021 by Open Bug Bounty
Better Notifications Mechanism
28.03.2021 by febin_rev
Windows Stack Buffer Overflow in a real life app — Exploit development — CloudMe_1.11.2 Buffer Overflow-CVE-2018–6892
10.02.2021 by Renzi25031469
Sysadminotaur nº88
10.02.2021 by Open Bug Bounty
Higher Submissions Quality Standard

  Recent Recommendations

@Onizuka961     16 May, 2021
    Twitter Onizuka961:
Thanks Jenny For Reporting issue for us , Very Professional , quick response
@philippejadin     14 May, 2021
    Twitter philippejadin:
Thank you for reporting an issue with the presentation website of the project and for the quick replies !
@DjMagrao_     11 May, 2021
    Twitter DjMagrao_:
Thanks for founding xss errors on my website and fixing then.
@DouglasRao42     10 May, 2021
    Twitter DouglasRao42:
Profissional competente que tem contribuído ativamente no campo da segurança da informação.
@obb20210429     6 May, 2021
    Twitter obb20210429:
Thanks for a quick and useful report that helped us find and resolve the issue.