-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
馃毃 Potential Improper Access Control #175
Comments
@huntr-helper Do you guys accept payment in Bitcoin Lightning? |
@adam-nygate - bump 馃憡 |
@Sword-Smith - thanks for the question! We do not accept Bitcoin Lightning, but we can accept standard Bitcoin. Would this work for you? |
A regular Bitcoin transaction would work since the fees are low at the moment. |
@Sword-Smith - feel free to use our public BTC address Cheers! 馃帀 |
So what do I send to this address? 10 USD to have the issue revealed, and 5 USD to set a bounty to fix it? |
Ah sorry for the confusion. No payment is required to access the report. We give access to the maintainer(s) of the repository either via magic-link or once they've logged in to the platform. We welcome the sponsoring of reports/fixes via multiple payment methods. |
No problem. Sent you 15 USD anyway in ee592e86b72109ecf09da62d5729f3f3312a227d029d57241898ac3a0b9af659 |
|
Let me know how you want to proceed with the report, and will make sure you get access! 馃帀 |
Just a heads up that our BTC address is:
|
馃憢 Hello, @athas - a potential high severity Improper Access Control vulnerability in your repository has been disclosed to us.
Next Steps
1锔忊儯 Visit https://huntr.dev/bounties/1-other-athas/EggsML for more advisory information.
2锔忊儯 Sign-up to validate or speak to the researcher for more assistance.
3锔忊儯 Propose a patch or outsource it to our community - whoever fixes it gets paid.
Confused or need more help?
Join us on our Discord and a member of our team will be happy to help! 馃
Speak to a member of our team: @JamieSlome
This issue was automatically generated by huntr.dev - a bug bounty board for securing open source code.
The text was updated successfully, but these errors were encountered: