Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
491,450 coordinated disclosures
267,977 fixed vulnerabilities
660 bug bounties with 1,338 websites
13,608 researchers, 1029 honor badges

How create xml report file via Burp Suite

1. Reproduce the vulnerability using Burp Suite

2. Proxy - HTTP History tab should contain at least 3 HTTP requests

  • First request with page contents for CSRF exploitation
  • Second request – the actual exploitation of CSRF vulnerability
  • Third request with page contents after CSRF exploitation

3. Add comments to request, as shown below


4. Select the requests and save them into file


5. Send the saved file using report form.

  Latest Patched

 19.01.2020 who.int
 18.01.2020 rankz.io
 17.01.2020 legis.iowa.gov
 17.01.2020 freeads.co.uk
 17.01.2020 smartbox.com
 17.01.2020 catalog.usmint.gov

  Latest Blog Posts

16.01.2020 by Open Bug Bounty
Brief Recap of Open Bug Bounty’s Record Growth in 2019
12.01.2020 by JCQ_47
WAF Cloudflare Bypass XSS at Nexusmods.com
08.01.2020 by devl00p
Top 100 Open Redirect dorks
08.01.2020 by Rando02355205
XSS WAF Bypassed
31.12.2019 by Open Bug Bounty
Happy bug hunting in 2020, let’s make Web secure with Open Bug Bounty!

  Recent Recommendations

    18 January, 2020
     damnitjim:
Thanks for taking the time to report the weaknesses and really appreciate the wapiti tool that you've developed.
    17 January, 2020
     gexsi_search:
Many thanks for your support!
    17 January, 2020
     smay84:
Thank you for your quick response and helpful information.
    17 January, 2020
     RohitIn20189381:
Great job on finding that XSS.
    17 January, 2020
     uniteddomains:
Miguel helped us to identify several bugs in our wordpress instances. His reports were sufficiently detailed and communication was flawless and fast. Thank you very much!