A quick tool for generating quality bug bounty reports. View an example report.
Author:
Company:
Website:
Timestamp:
Type: Reflected Cross-Site Scripting (XSS), Stored Cross-Site Scripting (XSS), DOM Based Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, Local File Inclusion, Remote File Inclusion, XML External Entity Injection (XXE), Broken Authentication and Session Management, Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Using Components with Known Vulnerabilities, Unvalidated Redirects and Forwards
Severity: Critical, High, Low
Add Step
I recommend using direct links to images uploaded on imageshar.es or imgur.
Add Screenshot
If applicable, include source code, e.g. a sample of the code around the injected XSS. This helps identify the location of the vulnerability in their templating or project source code.
Include other relevant information, such as stipulations that are good to know but are not covered in the steps, and/or OWASP articles explaining the vulnerability and possible solutions.
BBCode
HTML
Text
HackerOne