Never been triaged so many P1s like this before. Manual testing is still a thing for me.
Also loving the fast triage in 16 mins by #Timmy_Bugcrowd too.
Hope for the best !!
@Bugcrowd
Lightspeed Retail is exactly a scam. They denied all the reports and even mark my Stored XSS (showed evidence how an low-level user attack Admin) as Out of scope because they are aware of the issue?
I have officially joined in Bug Bounty campaigns since Sep 2023:
- Submit > 30 reports on @Bugcrowd and Meta
- 20 valid reports and 7 bounties from @Bugcrowd and Meta
- 0-day on an unofficial Wordpress plugin
Amazing 2023 and Happy new year 2024🎊
#BugBounty#Bugcrowd
In addition, the 1-click ATO is also marked as Info because they are aware of the issue internally again.
Such a bad program i have ever join in.
This is the Out-of-scope policy.
I’m struggling with sqli in programs in Bugcrowd. And it is great if i can collab with you for more knowledge and experience. P/s: i’m from Viettel Cyber Security as your previous collaborator 😅😅