Manual Patch Request

Your experience of helping website owners
VD_Labs
Posts:1
Joined:Tue Nov 13, 2018 5:49 pm
Re: Manual Patch Request

Post by VD_Labs » Tue Dec 04, 2018 9:10 am

Please check / mark as patched:

OBB-697401
OBB-698655
OBB-698656
OBB-698657
OBB-698658
OBB-698659
OBB-698660
OBB-698661


Thanks!

User avatar
x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: Manual Patch Request

Post by x1admin » Wed Dec 05, 2018 11:06 am

WritingCom wrote:
Tue Dec 04, 2018 6:57 am
Please check / mark patched:

OBB-706884


(This is the correct way to do this, right? There's no link to click on the bug reports themselves?)
every report have button for patch check, this thread for report what not marked as patched automatically but you sure that vulnerability fixed
706884 already mark as fixed

User avatar
x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: Manual Patch Request

Post by x1admin » Wed Dec 05, 2018 11:07 am

VD_Labs wrote:
Tue Dec 04, 2018 9:10 am
Please check / mark as patched:

OBB-697401
OBB-698655
OBB-698656
OBB-698657
OBB-698658
OBB-698659
OBB-698660
OBB-698661


Thanks!
done

WritingCom
Posts:12
Joined:Wed Jun 22, 2016 7:44 am

Re: Manual Patch Request

Post by WritingCom » Thu Dec 06, 2018 4:19 am

x1admin wrote:
Wed Dec 05, 2018 11:06 am
WritingCom wrote:
Tue Dec 04, 2018 6:57 am
Please check / mark patched:

OBB-706884


(This is the correct way to do this, right? There's no link to click on the bug reports themselves?)
every report have button for patch check, this thread for report what not marked as patched automatically but you sure that vulnerability fixed
706884 already mark as fixed

I'm sorry, but can you tell me where the "patch check" button is?
I should see that on our own bug reports, right?
I've gone over the screen a ton of times and I'm just missing it.

Any help finding it would be appreciated.

OBB-706884
OBB-705910

Both appear to be fixed. I've tried 4 different browsers and various accounts / non-account views.
The source of the page for the URL provided in the report shows all the "s converted to ASCII codes making the url attack harmless and no prompt shown.

There's no screenshot on either for us to see what the researcher sees.

??

User avatar
x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: Manual Patch Request

Post by x1admin » Thu Dec 06, 2018 11:03 am

WritingCom wrote:
Thu Dec 06, 2018 4:19 am

I'm sorry, but can you tell me where the "patch check" button is?
I should see that on our own bug reports, right?
I've gone over the screen a ton of times and I'm just missing it.
yes
on the top of report page you can find 4 buttons
also you can find check button on "Open Bug Bounty Submissions" page

WritingCom
Posts:12
Joined:Wed Jun 22, 2016 7:44 am

Re: Manual Patch Request

Post by WritingCom » Thu Dec 13, 2018 7:39 am

I'm so sorry, but I'm still not seeing it.
I would wonder if my account was not correctly linked to this report...
But I got an email about the report as configured in my profile.
None of my report pages show any buttons or actions available.

Screenshot attached.

??? Am I just totally missing it ???
Attachments
Screen Shot 2018-12-13 at 2.35.47 AM.gif
Screenshot of report page
Screen Shot 2018-12-13 at 2.35.47 AM.gif (93.56KiB)Viewed 5572 times

WritingCom
Posts:12
Joined:Wed Jun 22, 2016 7:44 am

Re: Manual Patch Request

Post by WritingCom » Fri Dec 14, 2018 8:20 am

#711132 patched
https://www.openbugbounty.org/reports/711132/

Per my screenshot above, I still can't find a "patched" link or anything like that.

WritingCom
Posts:12
Joined:Wed Jun 22, 2016 7:44 am

Re: Manual Patch Request

Post by WritingCom » Sat Dec 15, 2018 6:13 pm

Patched: OBB-711357

Still searching for that "patched" button. LOL ;-)

User avatar
x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: Manual Patch Request

Post by x1admin » Tue Dec 18, 2018 6:37 am

WritingCom wrote:
Sat Dec 15, 2018 6:13 pm
Patched: OBB-711357

Still searching for that "patched" button. LOL ;-)
You have website owner account, at this moment only researchers can mark reports as fixed, this is why you don't have buttons

WritingCom
Posts:12
Joined:Wed Jun 22, 2016 7:44 am

Re: Manual Patch Request

Post by WritingCom » Sun Dec 30, 2018 6:27 pm

You have website owner account, at this moment only researchers can mark reports as fixed, this is why you don't have buttons
Ah, ok - I see.

Well just for your todo suggestion list, it would be great if you had a way for us to just click back to the researcher for patch check. 8-)

OBB-715982 is patched; I've let the researcher know.

These are also patched as far as our testing shows...
OBB-711357
OBB-711132
OBB-706884
OBB-705910
I've notified the various researchers.

Locked

Who is online

Users browsing this forum: No registered users and 2 guests