API Changelog

Stay up to date on the API including versioning, new data and improvements

Subscribe to API specific updates at https://docs.bugcrowd.com/feed/changelogs/api_webhook.xml.

Nov 17th, 2021

New token deprecation warning for the legacy (v3) API

    Deprecated
  • The legacy (v3) API will now 404 if used with a new auth token

Nov 9th, 2021

New field and button to copy raw request body from webhook delivery page

    Added
  • New field and button to copy raw request body from webhook delivery page

Oct 28th, 2021
Apr 16th, 2021

Updated with VRT 1.10

    Added
  • Introduced a variant for OAuth Accounting Squatting classified as a P4

  • Secure Code Warrior developed a VRT mapping to their developer training

  • Improved
  • Extended support for Automotive categorization, developed in collaboration with Stellantis.

  • Downgraded all Flash-based entries to a rating of P5

  • Improved existing remediation advice for a number of entries

  • Simplified Weak Login Function entries with a baseline severity rating of P4

Mar 11th, 2021

Bugfix for state filter on /submissions

    Fixed
  • Filtering for submissions in new state does not return any

Jan 25th, 2021
Jan 20th, 2021
Nov 19th, 2020
Sep 1st, 2020

API Token usage

    Added
  • Visibility into usage of API tokens across the team

Mar 14th, 2019

Updating to VRT 1.7

    Added
  • Automative Security Misconfiguration category

  • Sensitive Data Exposure > Weak Password Reset Implementation > Token Leakage via Host Header Poisoning as a new P2 variant, which is consistent with how this issue has been triaged by Bugcrowd’s Application Security Engineers so far.

  • Two new P4’s related to 2FA Secret Management

  • Improved
  • Remediation Advice links to latest OWASP Documentation

Feb 16th, 2019

Comparison Operators for Dates

    Improved
  • Tokenized date search

Dec 17th, 2018

File Support Update

    Improved
  • Platform supports 100MB for all file uploads

Nov 2nd, 2018
Oct 26th, 2018
Aug 7th, 2018
Jul 2nd, 2018
Jun 19th, 2018

Updating to VRT 1.4

Oct 4th, 2017

Introducing VRT 1.3

    Improved
  • VRT v1.3 is shipped

Sep 1st, 2017

Advanced API Documentation

    Added
  • New API docs are available.

  • created_at DateTime within the Comment Object

Jul 26th, 2017

VRT Goes Open Source

    Added
  • VRT gem is now open sourced