Coordinated and Responsible Vulnerability Disclosure Free Bug Bounty Program 266,899 coordinated disclosures
156,714 fixed vulnerabilities
214,964 websites, 17,468 VIP websites
7,173 researchers, 6,915 subscribers

  Please, login via Twitter first

Coordinated and Responsible Vulnerability Disclosure

Here you can submit a vulnerability via the Open Bug Bounty following coordinated and responsible disclosure:

Use only non-intrusive testing techniques that will not affect confidentiality, integrity or availability of the website, any related data or infrastructure.
Notify website owner in a prompt and reliable manner to help fixing the vulnerability, follow ISO 29147 guidelines of responsible disclosure.
Avoid reporting any vulnerabilities that will unlikely be fixed by the website owner.
Follow technical submission guidelines, otherwise submission may be declined.

Vulnerability Details

Vulnerability type:
POST data: appication/x-www-form-urlencoded
POST data example:

* CMS name:


ISO 29147 Recommend Notification:
Notify subscribers:
A notification without technical details can be also sent to a specific security email you have for this submission. Please try to find the most appropriate one.
Send notification via twitter:
Automatic Disclosure:

  Latest Patched
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 18.09.2018
    Patched on 17.09.2018
    Patched on 17.09.2018
    Patched on 17.09.2018

  Recent Recommendations

    18 September, 2018
Thanks for the detailed report and the fast ans competent communication.
    18 September, 2018
Vielen Dank Armin für die gemeldete Schwachstelle. Wir könnten diese anhand deiner umfangreichen Informationen direkt beheben.
    18 September, 2018
Thank you very much Rui for informing us about XSS (Cross Site Scripting) problem! You really helped us a lot! Big thanks!
    17 September, 2018
I would like to thank Taha for his help to discover the security in our website, without his help we couldn't locate it or even solve it.

Many thanks.
    17 September, 2018
thanks a lot for reporting security vulnerability in our website. Great work and very supportive in case of additional questions.