Jump to content
akkiliON

XSS Reflected - www.apple.com

By akkiliON, in Bug Bounty

Recommended Posts

  • Active Members
akkiliON Collaborator

akkiliON

Posted
  • Active Members
Posted

Un XSS Reflected in www.apple.com. Raportul a fost acceptat. Nu sunt sigur daca o sa primesc vreo recompensa, dar am sa va zic.

 

izpDk0W.jpg

 

 

 

Issues eligible for public acknowledgment.

We review all issues reported to us, and all legitimate services issues are eligible for public acknowledgement. While we request that you report all issues, the following issues are eligible for bounty reward payments only if they’re evaluated as novel or high impact based on Apple’s discretion.

 

  • Open Redirects
  • Reflected or Self XSS
  • Bugs requiting exceeding unlikely user interaction
  • Cross-site request forgery vulnerabilities where the only impact is logout
  • Banner Grabbing or Service Versions without a vulnerability or PoC
  • Rate Limiting unless credentials are able to be guessed
  • External and Public Credential Dumps
  • Denial of Service vulnerabilities
  • Username enumeration unless some personal identifiable information is disclosed like email or phone number
  • Report from automated tools or scanners where the vulnerability is not proven
  • Expired Certificates
  • DMARC/SPF Misconfiguration concerns
  • Social engineering
  • Properties that are not owned or operated by Apple

 

Link: https://security.apple.com/bounty/categories/

  • Thanks 3
  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...