Paid Add-On: To enable this feature on your program, contact your Account Manager.
Request Retest
Accepted Submissions Only: To request a retest a submission must be in the Unresolved or Resolved state. This is to ensure retesting adheres to the accepted submission workflow.
Retest Scope: When a retest is requested, only the original vulnerability submitted will be evaluated. Bypasses or variations of the vulnerability are not included in the retest.
To request a retest on a submission:
-
Go to the recently patched submission.
-
Scroll down the submission near the comment box, and click Request Retest.
-
Now the retest is in a pending state, based on the priority the submission, the retest will be completed within the applicable SLA.
One retest at a time: A retest can only be requested on a submission if it is not already pending.
Successful Retest Response
If the vulnerability is not present upon retest, the Bugcrowd ASE will mark the retest as patched. When this is done, the submission will auto update to the Resolved state.
Failed Retest Response
If the vulnerability is present upon retest, the Bugcrowd ASE will mark the retest as failed. When this is done, the submission will auto update to the Unresolved state.
Once the vulnerability is re-patched, one can re-request a retest on the submission, following the same process as above.
Note, we’ll send an email to anyone subscribed to the submission with updates on the retest outcome.
Limited retesting per submission: Each submission can be retested a maximum of five times.
