neox Posted July 13, 2015 Report Posted July 13, 2015 In the competitive world of bug bounties there are many strategies that work. One approach that works particularly well is looking for critical vulnerabilities that result in a bigger reward and better recognition. Critical vulnerabilities also have lower rates of duplicate reports, which means greater odds that you are first to find. This post talks about a type of critical vulnerability that can be found in web applications, the XML External Entity or as it is better known, XXE.https://blog.bugcrowd.com/advice-from-a-researcher-xxe/ Quote
