Making Submissions

Description:

Introduction: When submitting a report, it is essential to provide comprehensive details to help the reviewing team understand and validate the vulnerability. This ensures a thorough assessment and appropriate action.
Purpose: Detailed reports facilitate accurate validation, efficient remediation, and appropriate rewarding of the vulnerability.

Content:

Required Details for Report Submission:
1. Title:
  - Provide a concise and descriptive title for the vulnerability.
  - Example: "SQL Injection in Login Page"
2. Target:
  - Specify the target application, page, or endpoint where the vulnerability was found.
3. Severity:
  - Assess the severity level of the vulnerability (Low, Medium, High, Critical).
  - Example: "High, Low, etc"
4. Vulnerability Type:
  - Select the type of vulnerability (e.g., SQL Injection, Cross-Site Scripting, etc.).
  - Example: "SQL Injection, Buffer Overflow, Insecure API etc."
5. Description:
  - Provide a detailed description of the vulnerability.
  - Include relevant information to understand the context and nature of the issue.
6. Steps to Reproduce:
  - List the detailed steps to reproduce the vulnerability.
  - Ensure clarity and precision for the reviewing team to follow.
  - Example:
    Go to the login page.
    Enter ' OR '1'='1 in the username field.
    Enter any value in the password field.
    Submit the form and observe successful login.
7. Potential Impact:
  - Explain the potential impact and consequences of the vulnerability if exploited.
  - Example: "An attacker can gain unauthorized access to user accounts, compromising sensitive information."
8. Recommendation:
  - Provide suggestions for fixing the vulnerability.
  - Example: "Use prepared statements to prevent SQL Injection."
9. Screenshots:
  - Attach relevant screenshots to support your findings.
  - Include visual evidence of the vulnerability and steps to reproduce.

Guidelines:

Clarity: Ensure all information is clear and easy to understand.
Completeness: Provide all required details to avoid delays in the review process.
Accuracy: Verify all information before submission to prevent errors.

Common Issues and Solutions:

Incomplete Reports:
- Double-check the report for all required details before submission.
- Use the provided guidelines and examples as a reference.
Unclear Descriptions:
- Be as descriptive as possible.
- Include relevant technical details and context.

FAQs:

What if I am unsure about the severity level?
- Provide your best assessment and mention any uncertainties in the description.
Can I update my report after submission?
- Yes, you can update your report before it is reviewed. Contact support if you need assistance.

Contact Support:

If you encounter any issues, please reach out to our support team at support@comolho.com.

PreviousSelecting Programs NextInvoices and Receipts for Your Rewards

Last updated 10 months ago

Description:

Introduction: When submitting a report, it is essential to provide comprehensive details to help the reviewing team understand and validate the vulnerability. This ensures a thorough assessment and appropriate action.
Purpose: Detailed reports facilitate accurate validation, efficient remediation, and appropriate rewarding of the vulnerability.

Content:

Required Details for Report Submission:
1. Title:
  - Provide a concise and descriptive title for the vulnerability.
  - Example: "SQL Injection in Login Page"
2. Target:
  - Specify the target application, page, or endpoint where the vulnerability was found.
3. Severity:
  - Assess the severity level of the vulnerability (Low, Medium, High, Critical).
  - Example: "High, Low, etc"
4. Vulnerability Type:
  - Select the type of vulnerability (e.g., SQL Injection, Cross-Site Scripting, etc.).
  - Example: "SQL Injection, Buffer Overflow, Insecure API etc."
5. Description:
  - Provide a detailed description of the vulnerability.
  - Include relevant information to understand the context and nature of the issue.
6. Steps to Reproduce:
  - List the detailed steps to reproduce the vulnerability.
  - Ensure clarity and precision for the reviewing team to follow.
  - Example:
    Go to the login page.
    Enter ' OR '1'='1 in the username field.
    Enter any value in the password field.
    Submit the form and observe successful login.
7. Potential Impact:
  - Explain the potential impact and consequences of the vulnerability if exploited.
  - Example: "An attacker can gain unauthorized access to user accounts, compromising sensitive information."
8. Recommendation:
  - Provide suggestions for fixing the vulnerability.
  - Example: "Use prepared statements to prevent SQL Injection."
9. Screenshots:
  - Attach relevant screenshots to support your findings.
  - Include visual evidence of the vulnerability and steps to reproduce.

Guidelines:

Clarity: Ensure all information is clear and easy to understand.
Completeness: Provide all required details to avoid delays in the review process.
Accuracy: Verify all information before submission to prevent errors.

Common Issues and Solutions:

Incomplete Reports:
- Double-check the report for all required details before submission.
- Use the provided guidelines and examples as a reference.
Unclear Descriptions:
- Be as descriptive as possible.
- Include relevant technical details and context.

FAQs:

What if I am unsure about the severity level?
- Provide your best assessment and mention any uncertainties in the description.
Can I update my report after submission?
- Yes, you can update your report before it is reviewed. Contact support if you need assistance.

Contact Support:

If you encounter any issues, please reach out to our support team at support@comolho.com.