Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
584,247 coordinated disclosures
375,497 fixed vulnerabilities
893 bug bounties with 1,782 websites
18,171 researchers, 1180 honor badges

  Please, login via Twitter first




Vulnerability Disclosure Program

Here you can submit a vulnerability via the Open Bug Bounty following coordinated and responsible disclosure:

doneUse only non-intrusive testing techniques that will not affect confidentiality, integrity or availability of the website, any related data or infrastructure.
done>Notify website owner in a prompt and reliable manner to help fixing the vulnerability, follow ISO 29147 guidelines of responsible disclosure.
done>Avoid reporting any vulnerabilities that will unlikely be fixed by the website owner.
done>Follow technical submission guidelines, otherwise submission may be declined.

Vulnerability Details

Vulnerability type:
* XSS URL:
POST data: Information appication/x-www-form-urlencoded
POST data example:


key1=value1&key2=value2
           
Cookies:
* CMS name:

Notifications

ISO 29147 Recommend Notification:
Notify subscribers:
Information A notification without technical details can be also sent to a specific security email you have for this submission. Please try to find the most appropriate one.
Send notification via twitter:
Automatic Disclosure:
 


  Latest Patched

 23.09.2020 instadp.com
 23.09.2020 hoc24.vn
 23.09.2020 korg.com
 22.09.2020 yeggi.com
 22.09.2020 pearltrees.com
 22.09.2020 plos.org
 22.09.2020 fssai.gov.in
 22.09.2020 dietnavi.com
 22.09.2020 tuniscope.com

  Latest Blog Posts

14.09.2020 by aninda_anon
VPS Cheatsheet for bug hunting
14.09.2020 by pk_12397
A Story of IDOR To Account Takeover
14.09.2020 by febin_rev
How to find valid and impactful CSRFs
14.09.2020 by _r00t1ng_
Using {XSS} to play games on Site
24.06.2020 by Gkexamquiz
How to Find Contacts To Report Bugs & Security Vulnerabilities | Bug Bounty Tutorials 2020

  Recent Recommendations

@TinNguy54963117     23 September, 2020
    Twitter TinNguy54963117:
Thank you for the accurate and quick response in disclosing our vulnerability. This was done in a professional and responsible manner through the bug bounty program, giving us time to remediate.
@judythai     22 September, 2020
    Twitter judythai:
Thank you, Pankaj, for sending such a detailed report to help us reproduce and fix a security issue. You were also very responsive to our follow-up. Appreciate your work!
@Fla_ke     22 September, 2020
    Twitter Fla_ke:
HowardPotts provided us some useful information about a potential security problem on our main website. He quickly answered all our questions. Thks!
@MalagaCarCom     22 September, 2020
    Twitter MalagaCarCom:
Thank you very much, now our website is more secure.
@kitnospt     22 September, 2020
    Twitter kitnospt:
Thanks for all the help and detailed reporting