You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/programs/retesting.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -16,25 +16,25 @@ To have hackers retest a vulnerability:
16
16
17
17
The original hacker that submitted the vulnerability will be invited to take part in the retest.
18
18
19
-
After accepting the retest, the hacker will have 24 hours to confirm if the vulnerability has been properly fixed. If the hacker doesn’t finish the retest within 24 hours, their retest opportunity will expire and a different hacker will be able to claim the retest.
19
+
After accepting the retest, the hacker will have 24 hours to confirm if the vulnerability has been properly fixed. If the hacker doesn’t finish the retest within 24 hours, their retest opportunity will expire and a different hacker will be able to claim the retest.
20
20
21
21
The hacker will submit their findings in the **Retest findings** form at the bottom of the report. The form consists of these fields:
22
22
* Are you able to reproduce the vulnerability report?
23
23
* Please provide us with a short summary of how you retested the vulnerability and upload any attachments of your validations.
24
24
25
25
26
26
27
-
After the hacker submits their findings, you’ll be prompted to either Approve and resolve or Reject the retest.
27
+
After the hacker submits their findings, you’ll be prompted to either **Approve and resolve** or **Reject** the retest.
**Aprove and resolve** the retest | The hacker says the vulnerability is fixed. | The report will close and will be marked as *Resolved*. The hacker will also be awarded a $50 bounty.
35
+
**Approve and resolve** the retest | The hacker says the vulnerability is fixed. | The report will close and will be marked as *Resolved*. The hacker will also be awarded a $50 bounty.
36
36
**Reject** the retest | The hacker says the vulnerability is fixed. | You’ll need to provide a summary to the hacker explaining why you’ve rejected the retest. You can choose to request another retest for the report, by going back to step 1. <br><br>The status of the report will be changed to *Triaged*.
37
-
**Approve** the retest | The hacker says the vulnerability is not fixed. | The report will move back to Triaged and will stay open for the team to implement a fix. The hacker will be awarded a $50 bounty.
37
+
**Approve** the retest | The hacker says the vulnerability is not fixed. | The report will move back to *Triaged* and will stay open for the team to implement a fix. The hacker will be awarded a $50 bounty.
38
38
**Reject** the retest | The hacker says the vulnerability is not fixed. | You’ll need to provide a summary to the hacker explaining why you’ve rejected the retest. You can choose to request another retest for the report, by going back to step 1. <br><br>The status of the report will be changed to *Triaged*.
39
39
40
40
If the original hacker declines to take part in the retest and your program is:
0 commit comments