NOMNOM SECURITY

Your findings must fit the criteria below:

  • A serious vulnerability (and not just a zero or low risk XSS)
  • Discovered during routine use of the service as an actual user – not via a pen test or by an automatic scan, which would have been unauthorized