Re: Security vulnerabilities affects core API authorization of gnu.org

Hi - > Does gnu.org has a bug bounty program or reporting bugs reward policy? You are not talking to gnu.org, you are talking to gcc.gnu.org admins. Maybe see webmast...@gnu.org. I am not aware of any sort of bug bounty in either site. - FChE

Re: Security vulnerabilities affects core API authorization of gnu.org

On 1/4/21 10:40 AM, Salah Mosbah wrote: > Hi Jeff, > > Does gnu.org  has a bug bounty program or reporting > bugs reward policy? I have no idea. jeff >

Re: Security vulnerabilities affects core API authorization of gnu.org

Hi Jeff, Does gnu.org has a bug bounty program or reporting bugs reward policy? On Mon, Jan 4, 2021 at 6:06 PM Jeff Law wrote: > > > On 1/4/21 3:23 AM, Salah Mosbah via Gcc wrote: > > Hi Janus, > > > > How can I report some high impact security vulnerabilities that I have > > found on gnu.org >

Re: Security vulnerabilities affects core API authorization of gnu.org

On 1/4/21 3:23 AM, Salah Mosbah via Gcc wrote: > Hi Janus, > > How can I report some high impact security vulnerabilities that I have > found on gnu.org > web app? > > Also, does gnu.org has a bug bounty program or reporting bugs reward policy? > > The vulnerabilities that I have found affects t

Security vulnerabilities affects core API authorization of gnu.org

Hi Janus, How can I report some high impact security vulnerabilities that I have found on gnu.org web app? Also, does gnu.org has a bug bounty program or reporting bugs reward policy? The vulnerabilities that I have found affects the core API of gnu.org which allows unauthorized users to get acc