| ▲ | arcwhite 3 days ago |
| It's actually pretty on-par for most bug bounties. They used the same exploit on a few programs and got $11k total which ain't bad return on time. |
|
| ▲ | sans_souse 3 days ago | parent [-] |
| No I know it's on par I guess better rephrasing would be the par is still too low |
| |
| ▲ | arcwhite 3 days ago | parent [-] | | Compared to what? What's your baseline for how much a user-interaction-required XSS vulnerability should be worth? | | |
| ▲ | sans_souse 3 days ago | parent [-] | | I'm not basing it on math. Are you saying tho that 2.5k wouldhave been adequate in 2019? I expect 5k would have been on par then too. But idk |
|
|
