We are now encouraging whitehats to provide Gist files when they plan to include a link to an external proof of concept (PoC) in a bug report. This is because Gist is more secure than other external services, and it opens fewer security vectors for projects.
When you go to fill out a bug report, you will see that the PoC Section has been updated.
You can either provide your PoC in the text box, or you can provide a link to an external Gist PoC.
If you choose to provide a link to an external PoC that is not a Gist file, you can still submit the report, but be aware that some projects require submitting a Gist PoC as part of their bug bounty program. If this is the case, the project is free to close your report if you provide another external link. That is why we strongly recommend that you use Gist.
Comments
0 comments
Article is closed for comments.