Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
534,763 coordinated disclosures
336,752 fixed vulnerabilities
791 bug bounties with 1,562 websites
16,077 researchers, 1105 honor badges

  Please, login via Twitter first




Coordinated and Responsible Vulnerability Disclosure

Here you can submit a vulnerability via the Open Bug Bounty following coordinated and responsible disclosure:

Use only non-intrusive testing techniques that will not affect confidentiality, integrity or availability of the website, any related data or infrastructure.
Notify website owner in a prompt and reliable manner to help fixing the vulnerability, follow ISO 29147 guidelines of responsible disclosure.
Avoid reporting any vulnerabilities that will unlikely be fixed by the website owner.
Follow technical submission guidelines, otherwise submission may be declined.

Vulnerability Details

Vulnerability type:
* XSS URL:
POST data: appication/x-www-form-urlencoded
POST data example:


key1=value1&key2=value2
           
Cookies:
* CMS name:

Notifications

ISO 29147 Recommend Notification:
Notify subscribers:
A notification without technical details can be also sent to a specific security email you have for this submission. Please try to find the most appropriate one.
Send notification via twitter:
Automatic Disclosure:
 


  Latest Patched

 06.06.2020 ebi.ac.uk
 06.06.2020 cnbctv18.com
 06.06.2020 trueplookpanya.com
 06.06.2020 cornell.edu
 05.06.2020 moneycontrol.com
 05.06.2020 whtop.com
 05.06.2020 micvideal.es
 05.06.2020 polito.it
 04.06.2020 psu.kz
 04.06.2020 meishij.net

  Latest Blog Posts

04.04.2020 by Rando02355205
(Alibaba) message.alibaba.com [IDOR] - [Bug Bounty]
12.03.2020 by Rando02355205
(Paypal) www.paypal.com [CSP High Level] - [XSS Reflected] - [Bug Bounty] - [Write Up]
08.03.2020 by CybeReports
JDECO.net XSS Vulnerability| CybeReports
29.02.2020 by Rando02355205
(Google) groups.google.com - [Stored XSS] - [Bug Bounty] - [WriteUp] - [24/02/2020]
10.02.2020 by 0xrocky
Stored XSS on h2biz.net

  Recent Recommendations

    4 June, 2020
     vovsoft:
Thank you for making the web a better place.
    4 June, 2020
     LKee6r:
Research privately disclosed XSS vulnerability. Thank you for the notification!
    3 June, 2020
     viewbug:
Thank you for helping us make our product safer. We appreciate how you reported the vulnerability and the detailed explanation with what could be done if left unattended. Really helpful :)
    2 June, 2020
     haneynj:
Rajesh noted we had some vulnerabilities on one of our sites. When we reached out, he was helpful and shared his report. Thank you for reporting.
    2 June, 2020
     haraldbro:
Thank you for helping us identify an XSS. The description of the vulnerability was clear and allowed us to make a fix quickly.