real.de OBB program silently patches.
Posted: Thu Apr 18, 2019 8:10 am
Hey Team,
I was participating in the OBB program of https://www.openbugbounty.org/bugbounty/itsecop/
i found XSS in their main domain real.de Underneath here is the timeline of the submission.
Vulnerability Reported: 4 April, 2019 23:39 GMT
Vulnerability Verified: 4 April, 2019 23:55 GMT
Website Operator Notified via Bug Bounty: 4 April, 2019 23:55 GMT
They never reached out to me, so i got some of their direct contacts send them an email about it and.
Today on 18-4-2019 i checked again and my vuln was silently patched, now this is not good behaviour for a OBB program.
and brings us researchers down in motivation.
Their policy clearly states : Possible Awards:
- PayPal donation
- voucher
- good rating
So i would like to receive this. As i did my work
I was participating in the OBB program of https://www.openbugbounty.org/bugbounty/itsecop/
i found XSS in their main domain real.de Underneath here is the timeline of the submission.
Vulnerability Reported: 4 April, 2019 23:39 GMT
Vulnerability Verified: 4 April, 2019 23:55 GMT
Website Operator Notified via Bug Bounty: 4 April, 2019 23:55 GMT
They never reached out to me, so i got some of their direct contacts send them an email about it and.
Today on 18-4-2019 i checked again and my vuln was silently patched, now this is not good behaviour for a OBB program.
and brings us researchers down in motivation.
Their policy clearly states : Possible Awards:
- PayPal donation
- voucher
- good rating
So i would like to receive this. As i did my work