Anyone have direct experience with the Yandex Bug Bounty program, good or bad? http://bit.ly/XteQuq
@fransrosen could you expand on that in email please? jericho@ just after more detail on process / results, ease of use, etc.
-
-
@attritionorg Sent email report, 2 Stored XSS on non key services, $160 each. Time Lapsed: 5 jan – 17 jan. Hope that helps you. -
@fransrosen did yandex reply to you after you submitted the bug or once it was fixed? I reported a vuln on feb 14th, fixed now, no reply yet
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.