Com Olho Knowledge Base

COM OLHO IT PRIVATE LIMITED


Making Submissions

Last updated 10 months ago

Description:

  • Introduction: When submitting a report, it is essential to provide comprehensive details to help the reviewing team understand and validate the vulnerability. This ensures a thorough assessment and appropriate action.

  • Purpose: Detailed reports facilitate accurate validation, efficient remediation, and appropriate rewarding of the vulnerability.

Content:

  • Required Details for Report Submission:

    1. Title:

      • Provide a concise and descriptive title for the vulnerability.

      • Example: "SQL Injection in Login Page"

    2. Target:

      • Specify the target application, page, or endpoint where the vulnerability was found.

    3. Severity:

      • Assess the severity level of the vulnerability (Low, Medium, High, Critical).

      • Example: "High", "Low", etc.

    4. Vulnerability Type:

      • Select the type of vulnerability (e.g., SQL Injection, Cross-Site Scripting, etc.).

      • Example: "SQL Injection", "Buffer Overflow", "Insecure API", etc.

    5. Description:

      • Provide a detailed description of the vulnerability.

      • Include relevant information to understand the context and nature of the issue.

    6. Steps to Reproduce:

      • List the detailed steps to reproduce the vulnerability.

      • Ensure clarity and precision for the reviewing team to follow.

      • Example:

        1. Go to the login page.

        2. Enter ' OR '1'='1 in the username field.

        3. Enter any value in the password field.

        4. Submit the form and observe successful login.

    7. Potential Impact:

      • Explain the potential impact and consequences of the vulnerability if exploited.

      • Example: "An attacker can gain unauthorized access to user accounts, compromising sensitive information."

    8. Recommendation:

      • Provide suggestions for fixing the vulnerability.

      • Example: "Use prepared statements to prevent SQL Injection."

    9. Screenshots:

      • Attach relevant screenshots to support your findings.

      • Include visual evidence of the vulnerability and steps to reproduce.
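
A report that pairs precise reproduction steps (item 6) with a concrete recommendation (item 8) lets the reviewing team confirm both the finding and the fix. The following is an added example, not part of Com Olho's documentation or platform: it replays the input from the example steps against a login check before and after the recommended prepared statement. The in-memory `users` table, the query shape and the function names are assumptions made for illustration.

```python
import sqlite3


def make_db():
    # Constructed demo data; a real system stores salted password hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db


def login_concatenated(db, username, password):
    # 'Before' form (assumed query shape): input becomes part of the SQL text.
    sql = ("SELECT username FROM users WHERE password = '" + password +
           "' AND username = '" + username + "'")
    return db.execute(sql).fetchone() is not None


def login_prepared(db, username, password):
    # Recommended form: placeholders keep input as data, never as SQL.
    sql = "SELECT username FROM users WHERE password = ? AND username = ?"
    return db.execute(sql, (password, username)).fetchone() is not None


def verify_fix():
    """Replay the reported input and normal logins; return each outcome."""
    db = make_db()
    reported = "' OR '1'='1"  # value from step 2 of the example report
    return {
        "before_fix_reported_input": login_concatenated(db, reported, "anything"),
        "after_fix_reported_input": login_prepared(db, reported, "anything"),
        "after_fix_valid_login": login_prepared(db, "alice", "correct-horse"),
        "after_fix_wrong_password": login_prepared(db, "alice", "wrong"),
    }


if __name__ == "__main__":
    for check, result in verify_fix().items():
        print(f"{check}: {result}")
```

The regression checks matter as much as the retest: the fix has to reject the reported input while valid logins still succeed and wrong passwords still fail.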

Guidelines:

  • Clarity: Ensure all information is clear and easy to understand.

  • Completeness: Provide all required details to avoid delays in the review process.

  • Accuracy: Verify all information before submission to prevent errors.

Common Issues and Solutions:

  • Incomplete Reports:

    • Double-check the report for all required details before submission.

    • Use the provided guidelines and examples as a reference.

  • Unclear Descriptions:

    • Be as descriptive as possible.

    • Include relevant technical details and context.

FAQs:

  • What if I am unsure about the severity level?

    • Provide your best assessment and mention any uncertainties in the description.

  • Can I update my report after submission?

    • Yes, you can update your report before it is reviewed. Contact support if you need assistance.

Contact Support:

  • If you encounter any issues, please reach out to our support team at support@comolho.com.

Report Demo