this post was submitted on 14 Jan 2021
-4 points (35.7% liked)

Asklemmy

44919 readers
2311 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
-4
I found a pretty serious vulnerability on lemmy, is there a bug bounty? (lemmy.ml)
submitted 4 years ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Hi, sorry for posting like this behind an alt account but I don't want to get banned on my main account as I'm quite active on here.

I'm not going to share too much details about the bug since then I'm sure other people could duplicate it and I don't want that to happen.

I found a security vulnerability on lemmy, and it's rather serious, I found it while playing around on the site and it endangers other users so I wanted to know where I could report it?

While caring about lemmy and it's users as if I found it anyone could, I don't want to let these hours go to waste so I'm asking if there is a way I can receive payment for my work?

I just want to know who to contact or perhaps they see this post and contact me. If you want to contact me my discord is Styro#1195.

I hope I hear from you.

sincerely, a security researcher.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 4 points 4 years ago (2 children)

@[email protected] @[email protected]

[โ€“] [email protected] 2 points 4 years ago (1 children)

So is there a bug bounty program?

[โ€“] [email protected] 3 points 4 years ago

No clue, they're the devs