Quote from David on November 27, 2021, 5:49 pmReport Security issues in the report a security issue section only. Users who report security issues will be rewarded based on severity of the security issue.
Severity levels
- Minor glitch/bug that's code-based and not a temporary server fault that has few or no security ramifications
- Moderately severe bug/exploit with some security ramifications (example XSS, client side security issues)
- Severe exploit with serious security ramifications (i.e. active SQL injection or other server-side code execution)
Rewards might be doubled if a patch is provided. We will decide on a case-by-case basis whether the provided patch is enough to double the reward or not.
We will test the issues reported and provide rewards when the issues are patched.
Report Security issues in the report a security issue section only. Users who report security issues will be rewarded based on severity of the security issue.
Severity levels
- Minor glitch/bug that's code-based and not a temporary server fault that has few or no security ramifications
- Moderately severe bug/exploit with some security ramifications (example XSS, client side security issues)
- Severe exploit with serious security ramifications (i.e. active SQL injection or other server-side code execution)
Rewards might be doubled if a patch is provided. We will decide on a case-by-case basis whether the provided patch is enough to double the reward or not.
We will test the issues reported and provide rewards when the issues are patched.