8000 removed Square report as it's not public anymore · elamaran619/docs.hackerone.com@eb154fe · GitHub
[go: up one dir, main page]
Skip to content

Commit eb154fe

Browse files
stacyspivastacyspiva
committed
removed Square report as it's not public anymore
1 parent af40079 commit eb154fe

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

docs/programs/quality-reports.md

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,13 @@ path: "/programs/quality-reports.html"
44
id: "programs/quality-reports"
55
---
66
Hackers notify you of vulnerabilities by submitting reports to your inbox. Not all great vulnerability reports look the same, but many share these common features:
7-
*< 7D19 /span> Detailed descriptions of the hacker's discovery with clear, concise reproducible steps or a working proof-of-concept (POC). If the hacker doesn't explain the vulnerability in detail, there may be significant delays in the disclosure process, which is undesirable for everyone.
8-
* Screenshots and/or videos can assist your security teams to quickly reproduce the issue if your program accepts them. Make sure you state your policy regarding screenshots and videos on your security page and scope as not all programs accept them.
7+
* Detailed descriptions of the hacker's discovery with clear, concise reproducible steps or a working proof-of-concept (POC). If the hacker doesn't explain the vulnerability in detail, there may be significant delays in the disclosure process, which is undesirable for everyone.
8+
* Screenshots and/or videos can assist your security teams to quickly reproduce the issue if your program accepts them. Make sure you state your policy regarding screenshots and videos on your security page and scope as not all programs accept them.
99

1010
### Examples
1111
Here are some examples of publicly disclosed examples of good reports:
1212
* [Twitter disclosed on HackerOne: URGENT - Subdomain Takeover](https://hackerone.com/reports/32825)
1313
* [Shopify disclosed on HackerOne: Attention! Remote Code Execution](https://hackerone.com/reports/73567)
14-
* [Square disclosed on HackerOne: Delayed, fraudulent transactions](https://hackerone.com/reports/38682)
1514

1615
Some great resources for vulnerability report best practices are:
1716
* [Dropbox Bug Bounty Program: Best Practices](https://blogs.dropbox.com/tech/2015/08/dropbox-bug-bounty-program-best-practices-2/)

0 commit comments

Comments
 (0)
0