ubuy Bug Bounty Program
ubuy runs a bug bounty program to ensure the highest security and privacy of its websites. Everyone is eligible to participate in the program subject to the below-mentioned conditions and requirements of ubuy
Open Bug Bounty performs triage and verification of the submissions. However, we never intervene to the further process of vulnerability remediation and disclosure between ubuy and researchers.
Bug bounty program allow private and public submissions.
Community Rating
Provided by security researchers who reported security vulnerabilities via this bug bounty program:
Researcher's comments
The devs appears to be miseducated on XSS. Their website is vulnerable to attack, but to make it appear like they are not, they assigned alert/confirm/prompt to function(){} in their javascript. While this stops the filtered functions from esecuting, it doesnt fix the issue. |