| ▲ | jijijijij 18 hours ago | ||||||||||||||||
I wasn't aware they are gone. It's not my game, replace with whatever shady exploit trader/market out there. | |||||||||||||||||
| ▲ | tptacek 18 hours ago | parent [-] | ||||||||||||||||
I do not in fact think you would make a lot more than $4000, or even $4000 in the first place, for an Apple XSS bug, unless it was extraordinarily situationally powerful (for instance, a first-stage for a clean, direct RCE). Bounty prices have nothing at all to do with the worst-case damage a motivated actor could cause with a vulnerability. | |||||||||||||||||
| |||||||||||||||||