Submissions

The Submissions page lists all the issues reported by researchers on a program.

Submission Details

The Submission Details provides the information you need to investigate an issue reported by a researcher. All bug reports submitted to your program include the required information to help you reproduce and validate the issue.

To view the details for a submission, select a submission from the Submissions Inbox.

details

The Submission Details page appears for the submission you have selected. You can use the Collapse sidebar option to collapse the submission inbox and expand the submission details page. Use Expand sidebar to expand the submission inbox.

collapsible-sidebar

Each submission has the following information:

  • Title: The title or short description of the vulnerability report.
  • Details: Further details on the vulnerability discovered including what it is, what the possible security impact is, replication steps, and the proof of concept.
  • Priority: Priority is the severity of the submission. It can be between P1-P5, P1 being the most critical submission severity.
  • State: Identifies if a submission is in Open (New, Triaged), Accepted (Unresolved, Resolved, Informational), or Rejected (Out of scope, Not reproducible, Not acceptable) state.
  • VRT (Technical Severity): The severity level of the vulnerability based on a 1-5 scale (1 being critical) and the vulnerability classification based our Bugcrowd’s Vulnerability Rating Taxonomy (VRT).
  • Target: Identifies which target is affected by the vulnerability.
  • Bug URL: Identifies which URL is affected by the vulnerability.
  • CVSS Base: Bugcrowd’s Vulnerability Rating Taxonomy (VRT) is mapped to the CVSS scoring to calculate an automated CVSS score of the vulnerability - this score may be manually adjusted.
  • Attachments: Additional photos or videos to help provide further clarification or visual representation of a proof of concept.

Additional fields such as Application Version can be added to include further clarification on the submission. These fields will not be visible to the researchers and are intended for internal use. For more information, see additional fields.

Exporting PDFs for Submissions

You can export PDFs for each submission by clicking command+P (on Mac) or Ctrl+P (on Windows).

export-pdf

Click Save to save the PDF.


Onboarding
Account Management
Security Program Management
Engagement Management
Reporting
Submission Management
Integration Management