Bug Bounty Hunting Essentials

Nonqualifying vulnerabilities

This section lists the vulnerabilities that are explicitly out of scope: issues that have already been reported, or that the program does not consider severe enough to warrant a report. It is usually a long list of commonly reported issues, such as:

  • Bugs in content/services that are not owned/operated by the program
  • Vulnerabilities affecting users of unsupported browsers
  • Subdomain takeovers for out-of-scope domains
  • Self-XSS or XSS bugs requiring an unlikely amount of user interaction
  • CSRF on forms that are available to anonymous users
  • Clickjacking (that is, user-interface hijacking) on static pages
  • Error messages
  • HTTP 404 codes/pages or other non-200 HTTP codes/pages
  • Fingerprinting or banner disclosure (public information disclosure)
  • Disclosure of known public files or directories
  • Scripting, other automation, or brute forcing of intended functionality
  • Presence of application or web browser "autocomplete" or "save password" functionality
  • Lack of Secure and HttpOnly cookie flags
  • HTTPS mixed content
  • Missing HTTP security headers, specifically Strict-Transport-Security, X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, and Content-Security-Policy