[xss] at&t

[akkiliON]

• Exploit: *.att.com - Cross-Site-Scripting Reflected
  
• Site link: att.com
  
• Reported
  
• PoC:
  

[dirtycash]

Felicitari! Ceva reward?

[Darkb0t]

Akkilion congrats, good job

you received as reward $$ ?

[akkiliON]

Mno, ce mesaj am primit de la AT&T.

Please ask thé vendor to add an inked signature à thé W8 and foreign questionnaire

// Solved

Edited December 16, 2013 by akkiliON

[akkiliON]

Un mesaj de la AT&T. Scuze de double-post. Am raportat multe vulnerabilit??i.

We are pleased to let you know that AT&T has successfully remediated the vulnerability you disclosed.

We truly appreciate and want to recognize your help in improving the security of AT&T by listing your name on the AT&T Bug Bounty Hall of Fame, if it is not already included. Please let us know how you would like your name to appear on our AT&T Bug Bounty Hall of Fame. By providing the response, you are granting AT&T permission to publish your name as a contributor.

Additionally, you will be considered for a 4Q13 Top 10 Reporter Award recognition which, if selected, will provide you with a monetary payout. You will be notified in a separate communication if you have been selected.

Thank you again for your participation in the AT&T Bug Bounty Program.

Sincerely,

AT&T BugBounty Team

[akkiliON]

#Update:

https://bugbounty.att.com/hof.php

[nacks]

... astept si eu dupa Hall of Fame ... TOP 10

Additionally, you will be considered for a 1Q14 Top 10 Reporter Award recognition which, if selected, will provide you with a monetary payout. You will be notified in a separate communication if you have been selected.



Thank you again for your participation in the AT&T Bug Bounty Program.  

Edited April 26, 2014 by nacks

[akkiliON]

Eu sunt mul?umit ?i cu atât.

[nacks]

... si eu, doar poate ne vedem si in top ... nu ar fi rau ... (eu am doar doua vulnerabilitati raportate la ei)