- Bug Bounty Hunting Essentials
- Carlos A. Lozano Shahmeer Amir
- 81字
- 2021-06-10 18:35:30
Clarity
The report should be clear and should not misguide the reader into thinking that the researcher is being pushy. The following is an example of a report that sounds unclear:
"I would like to report a very critical using which you can takeover user accounts and should be fixed ASAP."
However, a clear description may contain the following sentence:
"This report contains technical details about a vulnerability in the password reset function which can allow users to take over accounts."