Welcome to Bugcrowd's Product Documentation Center

You'll find comprehensive guides and documentation to help you start working with Bugcrowd as quickly as possible.

Changelog

 

Keep up to date with changes via our Changelog

Authentication

 

The Bugcrowd API provides two different authentication schemes: token auth and basic auth.

Access tokens and basic auth credentials are provisioned on a per-user basis and provide authorization to resources based on the user's role.

Multiple access tokens can be provisioned per user, and access can be revoked at any time by deleting the token.

Provisioning Credentials

To provision access credentials, log in to Bugcrowd and browse to the Personal Settings page by clicking on your profile picture and selecting Personal Settings from the drop-down menu.

On the sub-navigation bar, click API Access. The following screen will be presented:

Enter a descriptive name for the credentials, usually the name of the application you will be creating to access the API, then click Create API Credentials.

A section will be displayed containing both basic auth and token auth credentials. Please record these credentials before leaving the page: they are only displayed upon creation and won't be viewable after the page is refreshed.

Note: the authorization tokens used in this reference are example tokens only. You will need to generate your own tokens for use with the API.

Token Authentication

To access the API using token authentication, use the provided Authorization request header:

curl --include \
     --header "Accept: application/vnd.bugcrowd+json" \
     --header "Authorization: Token gvnzkgmklo:gPYS2SMN3zJ_k-QAEvyMAcr_PqsGlA-vJ2voA7ysZ635GlT_VZdr2Sg3_YCctkM3SwnBtDCn" \
  'https://api.bugcrowd.com/bounties'

Basic Authentication

To access the API using basic authentication, use the provided username and password. In this example we're using curl's --user option:

curl --include \
     --header "Accept: application/vnd.bugcrowd+json" \
     --user "gvnzkgmklo:gPYS2SMN3zJ_k-QAEvyMAcr_PqsGlA-vJ2voA7ysZ635GlT_VZdr2Sg3_YCctkM3SwnBtDCn" \
  'https://api.bugcrowd.com/bounties'
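
In the two curl examples above, the same identifier:secret string is sent either after the Token keyword or through curl's --user option. The following Python is an added example, not Bugcrowd's own code: it reads that pair from an environment variable (the name BUGCROWD_API_CREDENTIAL is an assumption), builds either Authorization header without sending anything, and returns a copy of the headers that is safe to log.

```python
import base64
import os
import urllib.request

API_ROOT = "https://api.bugcrowd.com"      # host used throughout this page
ACCEPT = "application/vnd.bugcrowd+json"   # one of the two Accept values the page lists
ENV_VAR = "BUGCROWD_API_CREDENTIAL"        # hypothetical variable name (assumption)


def load_credential(environ=os.environ):
    """Return (identifier, secret) from the environment, never from source code."""
    raw = environ.get(ENV_VAR, "")
    identifier, sep, secret = raw.partition(":")
    if not sep or not identifier or not secret:
        raise ValueError(f"{ENV_VAR} must be set to 'identifier:secret'")
    return identifier, secret


def auth_header(identifier, secret, scheme="token"):
    """Build the Authorization header value for either scheme."""
    pair = f"{identifier}:{secret}"
    if scheme == "token":
        return f"Token {pair}"
    if scheme == "basic":
        # Same value curl's --user option produces: base64 of identifier:secret.
        return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")
    raise ValueError("scheme must be 'token' or 'basic'")


def build_request(path, identifier, secret, scheme="token"):
    """Prepare (but do not send) a GET request to the API."""
    # Requiring a leading '/' keeps the host fixed: a value such as
    # '@other.example/x' appended to API_ROOT would otherwise change it.
    if not path.startswith("/"):
        raise ValueError("path must start with '/'")
    request = urllib.request.Request(API_ROOT + path, method="GET")
    request.add_header("Accept", ACCEPT)
    request.add_header("Authorization", auth_header(identifier, secret, scheme))
    return request


def redacted_headers(request):
    """Headers that are safe to log: the scheme is kept, the credential is not."""
    safe = {}
    for name, value in request.header_items():
        if name.lower() == "authorization":
            value = value.split(" ", 1)[0] + " [REDACTED]"
        safe[name] = value
    return safe


if __name__ == "__main__":
    # Constructed credential for demonstration; a real one comes from the environment.
    demo_env = {ENV_VAR: "exampleid:example-secret"}
    ident, secret = load_credential(demo_env)
    for scheme in ("token", "basic"):
        print(scheme, redacted_headers(build_request("/bounties", ident, secret, scheme)))
```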

Accept Header

 

To request resources from the Bugcrowd API, please include either of the following Accept headers in the request.

Accept: application/json
Accept: application/vnd.bugcrowd+json

Content Types

The Bugcrowd API always returns the following Content-Type header.

Content-Type: application/json

Additional Media Headers

Each response from the API will contain a custom Bugcrowd header specifying the type of media returned in the response body:

X-Bugcrowd-Media-Type: bugcrowd.v3; format=json

Markdown Properties

Some Bugcrowd resources use Markdown fields to allow for rich text functionality. Markdown fields can be retrieved or set in Markdown format only. Check the specific API doc page for each resource for more information about Markdown-enabled fields.

Bounty

 

Bounty Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| uuid | UUID | |
| bounty_type | ongoing or flex | |
| custom_field_labels | | |
| description_markdown | Text | |
| ends_at | DateTime or nil | |
| high_rewards | Integer | |
| low_rewards | Integer | |
| participation | open or private | |
| points_only | Boolean | |
| starts_at | DateTime | |
| targets_overview_markdown | Text | |
| tagline | String | |
| total_prize_pool | Integer | Total added to pool (USD) |
| remaining_prize_pool | Integer | Amount (USD) of prize pool remaining |
| trial | Boolean | |
| status | pending, live, closed | |
| service_level | self_managed, triage, validation | |
| organization | | |

{
  "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
  "bounty_type": "ongoing",
  "code": "acmedynamite",
  "custom_field_labels": [
    {
      "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
      "field_name": "field1"
    }
  ],
  "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
  "ends_at": null,
  "high_reward": 20000,
  "low_reward": 100,
  "name": "Acme Dynamite",
  "participation": "open",
  "points_only": true,
  "starts_at": "2016-12-01T00:00:00.000Z",
  "targets_overview_markdown": "",
  "tagline": "Have a blast hacking on Acme products!",
  "total_prize_pool": 100000,
  "remaining_prize_pool": 50000,
  "trial": false,
  "status": "live",
  "service_level": "validation",
  "organization": {
    "uuid": "cba2bc6f-677b-434e-98d1-68b21d3bfd76",
    "name": "The Acme Corporation"
  }
}

View Bounties

 
GET https://api.bugcrowd.com/bounties

cURL:
curl --request GET \
  --url https://api.bugcrowd.com/bounties \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/bounties',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/bounties");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "bounties": [
    {
      "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
      "bounty_type": "ongoing",
      "code": "acmedynamite",
      "custom_field_labels": [
        {
          "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
          "field_name": "field1"
        }
      ],
      "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
      "ends_at": null,
      "high_reward": 20000,
      "low_reward": 100,
      "name": "Acme Dynamite",
      "participation": "open",
      "points_only": true,
      "starts_at": "2016-12-01T00:00:00.000Z",
      "targets_overview_markdown": "",
      "tagline": "Have a blast hacking on Acme products!",
      "total_prize_pool": 100000,
      "remaining_prize_pool": 50000,
      "trial": false,
      "status": "live",
      "service_level": "validation",
      "organization": {
        "uuid": "cba2bc6f-677b-434e-98d1-68b21d3bfd76",
        "name": "The Acme Corporation"
      }
    }
  ]
}

Query Params

offset
int32

Number of bounties to offset the request by

limit
int32

Number of bounties to return in this request

Headers

Accept
string
required
 

Your Bugcrowd organization will contain one or more bounties. To retrieve a list of bounties belonging to your organization, use the following request:

Retrieve a Bounty

 
GET https://api.bugcrowd.com/bounties/uuid

cURL:
curl --request GET \
  --url https://api.bugcrowd.com/bounties/uuid \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/bounties/uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/bounties/uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "bounty": [
    {
      "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
      "bounty_type": "ongoing",
      "code": "acmedynamite",
      "custom_field_labels": [
        {
          "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
          "field_name": "field1"
        }
      ],
      "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
      "ends_at": null,
      "high_reward": 20000,
      "low_reward": 100,
      "name": "Acme Dynamite",
      "participation": "open",
      "points_only": true,
      "starts_at": "2016-12-01T00:00:00.000Z",
      "targets_overview_markdown": "",
      "tagline": "Have a blast hacking on Acme products!",
      "total_prize_pool": 100000,
      "remaining_prize_pool": 50000,
      "trial": false,
      "status": "live",
      "service_level": "validation",
      "organization": {
        "uuid": "cba2bc6f-677b-434e-98d1-68b21d3bfd76",
        "name": "The Acme Corporation"
      }
    }
  ]
}

Path Params

uuid
string
required

Bounty UUID

Headers

Accept
string
required
 

Custom Field Labels

 

Intro to Custom Fields

Custom fields are made up of labels, which are configured on the bounty, and values, which are set on a submission.

On the Bounty

custom_field_labels is a column on the bounty, and each label is referenced by its unique field_id. Labels are a nested resource on the bounty. The custom_field_labels object has the form:

[
  {
    "field_id": "myid",
    "field_name": "myname"
  },
  {
    "field_id": "otherid",
    "field_name": "othername"
  }
]

On the Submission

custom_fields is a column on a submission that holds a key-value mapping between a field_name and its value for that submission, like so:

{
  "myname": "myvalue",
  "othername": "othervalue"
}
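
Because a submission's custom_fields is keyed by field_name while the bounty's labels carry the field_id, a consumer has to join the two by name. The following Python is an added example, not Bugcrowd's own code: it resolves values to field_ids, reports names present on only one side, and checks the 32-character field_name limit stated in the Create a Custom Field Label section. The function names and the stale "oldname" key are assumptions made for the illustration.

```python
MAX_FIELD_NAME = 32  # limit the page states for field_name


def check_field_name(name):
    """Validate a label name before sending it in a create or update request."""
    if not isinstance(name, str) or not name:
        raise ValueError("field_name must be a non-empty string")
    if len(name) > MAX_FIELD_NAME:
        raise ValueError(f"field_name longer than {MAX_FIELD_NAME} characters")
    return name


def resolve_custom_fields(labels, custom_fields):
    """Join a submission's custom_fields (keyed by field_name) to the bounty's labels.

    Returns (resolved, unlabelled, unset):
      resolved   - {field_id: value} for names that match a label
      unlabelled - names on the submission with no matching label on the bounty
      unset      - label names the submission carries no value for
    """
    by_name = {}
    for label in labels:
        name = check_field_name(label["field_name"])
        if name in by_name:
            # Two labels with one name would make the name-keyed mapping ambiguous.
            raise ValueError(f"duplicate field_name on bounty: {name!r}")
        by_name[name] = label["field_id"]

    resolved = {by_name[n]: v for n, v in custom_fields.items() if n in by_name}
    unlabelled = sorted(set(custom_fields) - set(by_name))
    unset = sorted(set(by_name) - set(custom_fields))
    return resolved, unlabelled, unset


if __name__ == "__main__":
    # Labels copied from the example above; the submission mapping is constructed.
    labels = [
        {"field_id": "myid", "field_name": "myname"},
        {"field_id": "otherid", "field_name": "othername"},
    ]
    submission_fields = {"myname": "myvalue", "oldname": "stale value"}
    print(resolve_custom_fields(labels, submission_fields))
```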

Custom Field Label Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| field_id | UUID | |
| field_name | String | |

{
  "field_id":"ae479a35-1a22-4469-a792-dadeeac0a065",
  "field_name":"my field"
}

View Custom Field Labels

 
GET https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels

cURL:
curl --request GET \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "custom_field_labels": [
    {
      "field_id":"ae479a35-1a22-4469-a792-dadeeac0a065",
      "field_name":"my field"
    }
  ]
}

Path Params

bounty_uuid
string
required

Bounty's UUID

Headers

Accept
string
required
 

All custom field labels will be serialized with a bounty, but also have their own endpoint.

Create a Custom Field Label

 
POST https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels

cURL:
curl --request POST \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'POST',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("POST", url, headers=headers)

print(response.text)

{
  "field_id":"4662f91f-f3ff-439e-871a-e5028be18c47",
  "field_name":"new_label"
}

Path Params

bounty_uuid
string
required

Bounty's UUID

Body Params

field_name
string
required

The name of the field to appear on all submissions. The length of the name is limited to 32 characters.

Headers

Accept
string
required
 

All custom field labels will be serialized with a bounty, but also have their own endpoint.

Update a Custom Field Label

 
PUT https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid

cURL:
curl --request PUT \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'PUT',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Put.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("PUT", "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("PUT", url, headers=headers)

print(response.text)

{
  "field_id":"3ad4c85c-6e15-40d1-9fcd-664b500678c7",
  "field_name":"updated_label"
}

Path Params

bounty_uuid
string
required

Bounty's UUID

field_uuid
string
required

Custom Field's UUID

Body Params

field_name
string
required

The name of the field to appear on all submissions. The length of the name is limited to 32 characters.

Headers

Accept
string
required
 

All custom field labels will be serialized with a bounty, but also have their own endpoint.

Delete a Custom Field Label

 
DELETE https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid

cURL:
curl --request DELETE \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'DELETE',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Delete.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("DELETE", "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/custom_field_labels/field_uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("DELETE", url, headers=headers)

print(response.text)

[
  {
    "field_name":"another_custom_field",
    "field_id":"d2ae5423-d2a3-4348-bcc0-9f6ffa2396a6"
  }
]

Path Params

bounty_uuid
string
required

Bounty's UUID

field_uuid
string
required

Custom Field's UUID

Headers

Accept
string
required
 

All custom field labels will be serialized with a bounty, but also have their own endpoint.

Manage Custom Field Values

 

Custom fields will be serialized on the submission resource. To view or update these values, please refer to the submission documentation.

Organization Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| uuid | UUID | |
| name | String | |

{
  "uuid": "cba2bc6f-677b-434e-98d1-68b21d3bfd76",
  "name": "The Acme Corporation"
}

Submission

 

Submission Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| bounty_code | String | Bounty's code |
| bug_url | String | |
| caption | String | |
| custom_fields | Array of Custom Fields | |
| cvss_string | CVSS Score | This is only shown if the Bounty has enabled CVSS. |
| description_markdown | Text | Bugcrowd supports GitHub Flavored Markdown. |
| extra_info_markdown | Text | Bugcrowd supports GitHub Flavored Markdown. |
| file_attachments_count | Integer | Number of attachments on the submission. |
| http_request | Text | |
| priority | Integer (1-5) | Technical Severity |
| reference_number | String | Unique identifier that is visible to researchers |
| submitted_at | DateTime | |
| substate | nue, wont_fix, out_of_scope, not_applicable, not_reproducible, triaged, unresolved, resolved, duplicate | |
| title | String | |
| vrt_id | String (VRT IDs joined by .) | |
| vrt_version | Integer | |
| uuid | UUID | |
| bounty | | |
| duplicate_of | | |
| assignee | | |
| user | | |
| monetary_rewards | | |
| target | | |

{
  "bounty_code": "acmedynamite",
  "bug_url": "http://acmetntproducts.com",
  "caption": "Use the redundant IB application then you can quantify the mobile panel!",
  "custom_fields": { "field1": "my value" },
  "cvss_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
  "description_markdown": "When I click the thing it opens a thing which lets me type in a thing. Just enables the other thing which I can enter my payload in and make it go BOOOOOM!",
  "extra_info_markdown": "### Here is some extra info about this submission",
  "file_attachments_count": 2,
  "http_request": "GET / HTTP/1.1\\nHost: bugcrowd.com\\nProxy-Connection: keep-alive\\nAccept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9image/webp*/*;q=0.8\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10...",
  "priority": "2",
  "reference_number": "9cec0d6e6b1c778f34ba4eade6cd2a3e",
  "submitted_at": "2016-08-20T18:07:32.181Z",
  "substate": "unresolved",
  "title": "Use the redundant IB application then you can quantify the mobile panel!",
  "vrt_id": "server_security_misconfiguration.using_default_credentials.staging_development_server",
  "vrt_version": "1.0",
  "uuid": "4cdf9c81-d92e-4918-8766-1eda55e7293c",
  "bounty": {
    "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
    "bounty_type": "ongoing",
    "code": "acmedynamite",
    "custom_field_labels": [
      {
        "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
        "field_name": "field1"
      }
    ],
    "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
    "ends_at": null,
    "high_reward": 20000,
    "low_reward": 100,
    "name": "Acme Dynamite",
    "participation": "open",
    "points_only": true,
    "starts_at": "2016-12-01T00:00:00.000Z",
    "targets_overview_markdown": "",
    "tagline": "Have a blast hacking on Acme products!",
    "total_prize_pool": 100000,
    "remaining_prize_pool": 50000,
    "trial": false,
    "status": "live",
    "service_level": "validation"
  },
  "duplicate_of": null,
  "assignee": {
    "display_name": "Bertram Gilfoyle"
  },
  "user": {
    "username": "researcher123"
  },
  "monetary_rewards": [
    {
      "amount": "100.00"
    }
  ],
  "target": {
    "name": "http://acmetntproducts.com",
    "business_priority": "high"
  }
}

View Submissions

 
GET https://api.bugcrowd.com/bounties/bounty_uuid/submissions

cURL:
curl --request GET \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/submissions \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/submissions',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/submissions")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/bounties/bounty_uuid/submissions");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/submissions"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "submissions": [
    {
      "bounty_code": "acmedynamite",
      "bug_url": "http://acmetntproducts.com",
      "caption": "Use the redundant IB application then you can quantify the mobile panel!",
      "custom_fields": { "field1": "my value" },
      "description_markdown": "When I click the thing it opens a thing which lets me type in a thing. Just enables the other thing which I can enter my payload in and make it go BOOOOOM!",
      "extra_info_markdown": "### Here is some extra info about this submission",
      "file_attachments_count": 2,
      "http_request": "GET / HTTP/1.1\\nHost: bugcrowd.com\\nProxy-Connection: keep-alive\\nAccept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9image/webp*/*;q=0.8\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10...",
      "priority": "2",
      "reference_number": "9cec0d6e6b1c778f34ba4eade6cd2a3e",
      "submitted_at": "2016-08-20T18:07:32.181Z",
      "substate": "unresolved",
      "title": "Use the redundant IB application then you can quantify the mobile panel!",
      "vrt_id": "server_security_misconfiguration.using_default_credentials.staging_development_server",
      "vrt_version": "1.0",
      "uuid": "4cdf9c81-d92e-4918-8766-1eda55e7293c",
      "bounty": {
        "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
        "bounty_type": "ongoing",
        "code": "acmedynamite",
        "custom_field_labels": [
          {
            "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
            "field_name": "field1"
          }
        ],
        "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
        "ends_at": null,
        "high_reward": 20000,
        "low_reward": 100,
        "name": "Acme Dynamite",
        "participation": "open",
        "points_only": true,
        "starts_at": "2016-12-01T00:00:00.000Z",
        "targets_overview_markdown": "",
        "tagline": "Have a blast hacking on Acme products!",
        "total_prize_pool": 100000,
        "remaining_prize_pool": 50000,
        "trial": false,
        "status": "live",
        "service_level": "validation"
      },
      "duplicate_of": null,
      "assignee": {
        "display_name": "Bertram Gilfoyle"
      },
      "user": {
        "username": "researcher123"
      },
      "monetary_rewards": [
        {
          "amount": "100.00"
        }
      ],
      "target": {
        "name": "http://acmetntproducts.com",
        "business_priority": "high"
      }
    }
  ],
  "meta": {
    "count": 1,
    "offset": null,
    "total_hits": 45
  }
}

Path Params

bounty_uuid
string
required

Bounty's UUID

Query Params

assignment
string

Filter results based on whether or not submissions are assigned. Supported values: mine, assigned or unassigned.

filter
string

Filter results based on the substate of the submission. Supported values: nue, triaged, unresolved, resolved, duplicate, out_of_scope, not_reproducible, wont_fix, not_applicable.

offset
int32

Number of submissions to offset the request by.

limit
int32

Number of submissions to return in this request.

search
string

Free text search of submission fields.

sort
string

Sort the submission results based on different rules: Supported values: newest, oldest, acceptance, name, priority.

Headers

Accept
string
required
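
The offset and limit parameters, together with the meta block in the response, are what a client needs to walk a full result set. The following Python is an added example, not Bugcrowd's own code: it builds the query string from the parameters listed above, rejects values the list does not name, and pages until meta.total_hits is reached. The fetch_json hook and the stand-in server are hypothetical, and reading count as "items in this page" and total_hits as "all matching items" is an assumption drawn from the sample response.

```python
import urllib.parse

API_ROOT = "https://api.bugcrowd.com"
# Supported values copied from the Query Params list above.
ALLOWED = {
    "filter": {"nue", "triaged", "unresolved", "resolved", "duplicate",
               "out_of_scope", "not_reproducible", "wont_fix", "not_applicable"},
    "assignment": {"mine", "assigned", "unassigned"},
    "sort": {"newest", "oldest", "acceptance", "name", "priority"},
}


def submissions_url(bounty_uuid, offset=0, limit=25, **params):
    """Build the View Submissions URL, rejecting parameters the page does not list."""
    if offset < 0 or limit < 1:
        raise ValueError("offset must be >= 0 and limit >= 1")
    for key, value in params.items():
        if key == "search":
            continue  # free text; urlencode below escapes it
        if key not in ALLOWED:
            raise ValueError(f"unknown query parameter: {key!r}")
        if value not in ALLOWED[key]:
            raise ValueError(f"unsupported {key}: {value!r}")
    query = {"offset": offset, "limit": limit, **params}
    # Quote the UUID so a malformed value cannot add path segments.
    path = f"/bounties/{urllib.parse.quote(bounty_uuid, safe='')}/submissions"
    return f"{API_ROOT}{path}?{urllib.parse.urlencode(query)}"


def iter_submissions(fetch_json, bounty_uuid, limit=25, **params):
    """Yield every submission, advancing offset until meta.total_hits is reached.

    fetch_json(url) -> dict is supplied by the caller (hypothetical hook), so the
    HTTP client and its Authorization header stay outside this function.
    """
    offset = 0
    while True:
        page = fetch_json(submissions_url(bounty_uuid, offset, limit, **params))
        items = page.get("submissions", [])
        yield from items
        offset += len(items)
        total = page.get("meta", {}).get("total_hits", 0)
        # Stop on an empty page too, so a shrinking result set cannot loop forever.
        if not items or offset >= total:
            return


def fake_fetch_factory(records, calls):
    """Constructed stand-in for the API: serves `records` in offset/limit slices."""
    def fetch_json(url):
        query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
        offset, limit = int(query["offset"][0]), int(query["limit"][0])
        calls.append(offset)
        chunk = records[offset:offset + limit]
        return {"submissions": chunk,
                "meta": {"count": len(chunk), "offset": offset,
                         "total_hits": len(records)}}
    return fetch_json


def demo():
    """Page through five constructed submissions, two at a time."""
    records = [{"uuid": f"constructed-{n}", "substate": "unresolved"} for n in range(5)]
    calls = []
    fetch = fake_fetch_factory(records, calls)
    seen = [s["uuid"] for s in iter_submissions(
        fetch, "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd", limit=2, filter="unresolved")]
    return seen, calls


if __name__ == "__main__":
    print(demo())
```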
 

Retrieve a Submission

 
GET https://api.bugcrowd.com/submissions/submission_uuid

cURL:
curl --request GET \
  --url https://api.bugcrowd.com/submissions/submission_uuid \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/submissions/submission_uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);

Python:
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "submission": {
    "bounty_code": "acmedynamite",
    "bug_url": "http://acmetntproducts.com",
    "caption": "Use the redundant IB application then you can quantify the mobile panel!",
    "custom_fields": { "field1": "my value" },
    "description_markdown": "When I click the thing it opens a thing which lets me type in a thing. Just enables the other thing which I can enter my payload in and make it go BOOOOOM!",
    "extra_info_markdown": "### Here is some extra info about this submission",
    "file_attachments_count": 2,
    "http_request": "GET / HTTP/1.1\\nHost: bugcrowd.com\\nProxy-Connection: keep-alive\\nAccept: text/htmlapplication/xhtml+xmlapplication/xml;q=0.9image/webp*/*;q=0.8\\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10...",
    "priority": "2",
    "reference_number": "9cec0d6e6b1c778f34ba4eade6cd2a3e",
    "submitted_at": "2016-08-20T18:07:32.181Z",
    "substate": "unresolved",
    "title": "Use the redundant IB application then you can quantify the mobile panel!",
    "vrt_id": "server_security_misconfiguration.using_default_credentials.staging_development_server",
    "vrt_version": "1.0",
    "uuid": "4cdf9c81-d92e-4918-8766-1eda55e7293c",
    "bounty": {
      "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
      "bounty_type": "ongoing",
      "code": "acmedynamite",
      "custom_field_labels": [
        {
          "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
          "field_name": "field1"
        }
      ],
      "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
      "ends_at": null,
      "high_reward": 20000,
      "low_reward": 100,
      "name": "Acme Dynamite",
      "participation": "open",
      "points_only": true,
      "starts_at": "2016-12-01T00:00:00.000Z",
      "targets_overview_markdown": "",
      "tagline": "Have a blast hacking on Acme products!",
      "total_prize_pool": 100000,
      "remaining_prize_pool": 50000,
      "trial": false,
      "status": "live",
      "service_level": "validation"
    },
    "duplicate_of": null,
    "assignee": {
      "display_name": "Bertram Gilfoyle"
    },
    "user": {
      "username": "researcher123"
    },
    "monetary_rewards": [
      {
        "amount": "100.00"
      }
    ],
    "target": {
      "name": "http://acmetntproducts.com",
      "business_priority": "high"
    }
  }
}

Path Params

submission_uuid
string
required

Submission's UUID

Headers

Accept
string
required
 

Create a Submission

 
POST https://api.bugcrowd.com/bounties/bounty_uuid/submissions

cURL:
curl --request POST \
  --url https://api.bugcrowd.com/bounties/bounty_uuid/submissions \
  --header 'accept: application/vnd.bugcrowd+json'

Node.js:
var request = require("request");

var options = { method: 'POST',
  url: 'https://api.bugcrowd.com/bounties/bounty_uuid/submissions',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/bounties/bounty_uuid/submissions")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript (XMLHttpRequest):
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.bugcrowd.com/bounties/bounty_uuid/submissions");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/bounties/bounty_uuid/submissions"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("POST", url, headers=headers)

print(response.text)

{
  "submission": {
    "bounty_code": "bugcrowdswag",
    "bug_url": "http://acmetntproducts.com",
    "caption": "Use the redundant IB application then you can quantify the mobile panel!",
    "custom_fields": {},
    "cvss_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
    "description_markdown": null,
    "extra_info_markdown": null,
    "file_attachments_count": 0,
    "http_request": null,
    "priority": "1",
    "reference_number": "b95de42bca4a0c83c8632ef22f73d700030da7816d131db20978fa9db910214e",
    "submitted_at": "2016-12-12T00:00:00.000Z",
    "substate": "unresolved",
    "title": "Use the redundant IB application then you can quantify the mobile panel!",
    "vrt_id": "server_security_misconfiguration.using_default_credentials.production_server",
    "vrt_version": "1.0",
    "uuid": "4ed6e50f-f2a8-43d7-a1dc-6abf370f8620",
    "bounty": {
      "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
      "bounty_type": "ongoing",
      "code": "acmedynamite",
      "custom_field_labels": [
         {
           "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
           "field_name": "field1"
         }
      ],
      "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
      "ends_at": null,
      "high_reward": 20000,
      "low_reward": 100,
      "name": "Acme Dynamite",
      "participation": "open",
      "points_only": true,
      "starts_at": "2016-12-01T00:00:00.000Z",
      "targets_overview_markdown": "",
      "tagline": "Have a blast hacking on Acme products!",
      "total_prize_pool": 100000,
      "remaining_prize_pool": 50000,
      "trial": false,
      "status": "live",
      "service_level": "validation"
      },
    "duplicate_of": null,
    "assignee": null,
    "monetary_rewards": [],
    "target": {
       "name": "http://acmetntproducts.com",
       "business_priority": "high"
    }
  }
}

Path Params

bounty_uuid
string
required

Bounty's UUID

Body Params

submission
object
submission.title
string
required

The title of the submission.

submission.submitted_at
date

The timestamp at which the submission was received. Must be in ISO8601 format, e.g. 2017-05-22T00:00:00Z

submission.bug_url
string

The URI where the vulnerability can be initiated. Must be less than 2500 characters

submission.comment
string

Internal comment regarding the Submission. Must be less than 10000 characters

submission.description_markdown
string

Description of the submission in markdown format. Must be less than 10000 characters

submission.extra_info_markdown
string

Additional information provided by the researcher in markdown format. Must be less than 10000 characters

submission.http_request
string

The HTTP request that triggers the vulnerability. Must be less than 10000 characters

submission.priority
int32

The priority of the vulnerability, 1 denoting Critical and 5 denoting Informational. Must be between 1 and 5

submission.replication_steps_markdown
string

Details on steps to reproduce the issue. Must be less than 10000 characters

submission.researcher_email
string

An email address for the researcher who submitted this issue. If provided, we will email the researcher and allow them to claim this submission on Bugcrowd using an account of their choice. Must be a valid email address

submission.substate
string

The current status of the submission. Supported values: new, triaged, unresolved, resolved, duplicate, out_of_scope, not_reproducible, wont_fix, not_applicable.

submission.vrt_id
string

The classification of the bug, according to the current VRT version. Must be in the ID format (category.subcategory.variant) and be valid in the current version. Setting the vrt_id on a submission may also set its priority if there is an associated priority for that VRT classification.

submission.cvss_string
string

The CVSS Score of the program, only settable if the Bounty has CVSS enabled

Headers

Accept
string
required
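
The Body Params rules above can be checked on the client before the request is sent. The following Python is an added example, not Bugcrowd code: the function names are hypothetical, the {"submission": {...}} wrapper follows the submission.* parameter names, and the one-to-three-segment VRT ID pattern is an assumption.

```python
import re
from datetime import datetime

# Length limits and allowed values copied from the Body Params list above.
MAX_LEN = {
    "bug_url": 2500,
    "comment": 10000,
    "description_markdown": 10000,
    "extra_info_markdown": 10000,
    "http_request": 10000,
    "replication_steps_markdown": 10000,
}
SUBSTATES = {
    "new", "triaged", "unresolved", "resolved", "duplicate",
    "out_of_scope", "not_reproducible", "wont_fix", "not_applicable",
}
KNOWN_FIELDS = set(MAX_LEN) | {
    "title", "submitted_at", "priority", "researcher_email",
    "substate", "vrt_id", "cvss_string",
}
# Assumption: a VRT ID is one to three dot-separated lowercase segments.
# Whether it exists in the current VRT version can only be checked server-side.
VRT_ID = re.compile(r"^[a-z0-9_]+(\.[a-z0-9_]+){0,2}$")
# Deliberately loose shape check; the API performs the real validation.
EMAIL = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def is_iso8601(value):
    """True for timestamps such as 2017-05-22T00:00:00Z."""
    if not isinstance(value, str):
        return False
    if value.endswith("Z"):  # fromisoformat() before Python 3.11 rejects a bare Z
        value = value[:-1] + "+00:00"
    try:
        datetime.fromisoformat(value)
    except ValueError:
        return False
    return True


def validate_submission(sub):
    """Return a list of problems; an empty list means the documented rules pass."""
    # Unknown keys are reported first: a misspelled field would otherwise be lost.
    errors = [f"{key}: not a documented field" for key in sorted(set(sub) - KNOWN_FIELDS)]
    title = sub.get("title")
    if not isinstance(title, str) or not title.strip():
        errors.append("title: required")
    for key, limit in MAX_LEN.items():
        value = sub.get(key)
        if value is not None and (not isinstance(value, str) or len(value) >= limit):
            errors.append(f"{key}: must be a string of less than {limit} characters")
    if sub.get("submitted_at") is not None and not is_iso8601(sub["submitted_at"]):
        errors.append("submitted_at: must be in ISO 8601 format")
    priority = sub.get("priority")
    if priority is not None and (
        isinstance(priority, bool) or not isinstance(priority, int) or not 1 <= priority <= 5
    ):
        errors.append("priority: must be an integer between 1 and 5")
    email = sub.get("researcher_email")
    if email is not None and not (isinstance(email, str) and EMAIL.match(email)):
        errors.append("researcher_email: must be a valid email address")
    substate = sub.get("substate")
    if substate is not None and not (isinstance(substate, str) and substate in SUBSTATES):
        errors.append("substate: unsupported value")
    vrt_id = sub.get("vrt_id")
    if vrt_id is not None and not (isinstance(vrt_id, str) and VRT_ID.match(vrt_id)):
        errors.append("vrt_id: must look like category.subcategory.variant")
    return errors


def build_body(sub):
    """Return the request body, or raise ValueError listing every problem found."""
    errors = validate_submission(sub)
    if errors:
        raise ValueError("; ".join(errors))
    return {"submission": dict(sub)}
```

Because researcher_email causes an email to be sent to the address given, running this check before the POST keeps a malformed or mistyped body from reaching the API at all.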
 

Update a Submission

 
PUT https://api.bugcrowd.com/submissions/submission_uuid
curl --request PUT \
  --url https://api.bugcrowd.com/submissions/submission_uuid \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'PUT',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Put.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("PUT", "https://api.bugcrowd.com/submissions/submission_uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("PUT", url, headers=headers)

print(response.text)

{
  "submission": {
    "bounty_code": "bugcrowdswag",
    "bug_url": "http://acmetntproducts.com",
    "caption": "Use the redundant IB application then you can quantify the mobile panel!",
    "custom_fields": {},
    "cvss_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
    "description_markdown": null,
    "extra_info_markdown": null,
    "file_attachments_count": 0,
    "http_request": null,
    "priority": "1",
    "reference_number": "b95de42bca4a0c83c8632ef22f73d700030da7816d131db20978fa9db910214e",
    "submitted_at": "2016-12-12T00:00:00.000Z",
    "substate": "unresolved",
    "title": "Use the redundant IB application then you can quantify the mobile panel!",
    "vrt_id": "server_security_misconfiguration.using_default_credentials.production_server",
    "vrt_version": "1.0",
    "uuid": "4ed6e50f-f2a8-43d7-a1dc-6abf370f8620",
    "bounty": {
      "uuid": "d76c9eeb-25bb-4a08-9cd2-51677fd35bcd",
      "bounty_type": "ongoing",
      "code": "acmedynamite",
      "custom_field_labels": [
         {
           "field_id": "09cfece3-f986-4c94-8cfc-03578d14e7ae",
           "field_name": "field1"
         }
      ],
      "description_markdown": "A bounty testing the safety and security of dynamite-related devices produced by The Acme Corporation",
      "ends_at": null,
      "high_reward": 20000,
      "low_reward": 100,
      "name": "Acme Dynamite",
      "participation": "open",
      "points_only": true,
      "starts_at": "2016-12-01T00:00:00.000Z",
      "targets_overview_markdown": "",
      "tagline": "Have a blast hacking on Acme products!",
      "total_prize_pool": 100000,
      "remaining_prize_pool": 50000,
      "trial": false,
      "status": "live",
      "service_level": "validation"
      },
    "duplicate_of": null,
    "assignee": null,
    "monetary_rewards": [],
    "target": {
       "name": "http://acmetntproducts.com",
       "business_priority": "high"
    }
  }
}

Path Params

submission_uuid
string
required

Submission's UUID

Body Params

submission
object
submission.bug_url
string

The URI where the vulnerability can be initiated. Must be less than 2500 characters

submission.vrt_id
string

The classification of the bug, according to the current VRT version. Must be in the ID format (category.subcategory.variant) and be valid in the current version. Setting the vrt_id on a submission may also set its priority if there is an associated priority for that VRT classification.

submission.title
string

The title of the submission.

submission.cvss_string
string

The CVSS Score of the program, only settable if the Bounty has CVSS enabled

Headers

Accept
string
required
 

Updating VRT Classification affects Priority

Updating the vrt_id on a submission may also update its priority if there is an associated priority for that VRT classification. It also updates the VRT classification of any duplicate submissions.

Reward a Submission

 
POST https://api.bugcrowd.com/submissions/submission_uuid/rewards
curl --request POST \
  --url https://api.bugcrowd.com/submissions/submission_uuid/rewards \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'POST',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/rewards',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/rewards")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.bugcrowd.com/submissions/submission_uuid/rewards");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/rewards"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("POST", url, headers=headers)

print(response.text)

{"success":"Successfully created reward on submission."}

Path Params

submission_uuid
string
required

Submission's UUID

Body Params

amount
int32
required

The amount in USD that the submission will be rewarded. Must be over 0. If it is the first reward for a new, triaged, unresolved, or resolved submission with a P1-4 priority, it must be equal to or above the Bounty's low reward amount. For any later reward on a submission, any amount over 0 is acceptable.

Headers

Accept
string
required
 

Transition a Submission

 
POST https://api.bugcrowd.com/submissions/submission_uuid/transition
curl --request POST \
  --url https://api.bugcrowd.com/submissions/submission_uuid/transition \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'POST',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/transition',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/transition")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.bugcrowd.com/submissions/submission_uuid/transition");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/transition"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("POST", url, headers=headers)

print(response.text)

No response examples available

Path Params

submission_uuid
string
required

Submission's UUID

Body Params

substate
string
required

Supported values: new, wont_fix, out_of_scope, not_applicable, not_reproducible, triaged, unresolved, resolved, duplicate.

duplicate_of
string

If substate is duplicate, this field is required. Value is the UUID of a duplicate submission, e.g. 4cdf9c81-d92e-4918-8766-1eda55e7293c

Headers

Accept
string
required
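
The conditional rules for Reward a Submission (the low-reward floor on a first reward) and Transition a Submission (duplicate_of required for duplicate) can be enforced before either POST is made. The Python below is an added example, not Bugcrowd code: function names are hypothetical, the submission argument is assumed to be a Submission Object as returned by the API, and treating every case outside the stated floor rule as "any amount over 0" is this example's reading of the amount note.

```python
import uuid

# Substates for which the first reward is subject to the bounty's low reward.
FLOOR_SUBSTATES = {"new", "triaged", "unresolved", "resolved"}
# Supported values listed for the transition endpoint's substate parameter.
TRANSITION_SUBSTATES = FLOOR_SUBSTATES | {
    "wont_fix", "out_of_scope", "not_applicable", "not_reproducible", "duplicate",
}


def _priority(submission):
    """Priority as an int; the API sample returns it as a string, or null."""
    try:
        return int(submission.get("priority"))
    except (TypeError, ValueError):
        return None


def minimum_reward(submission):
    """Smallest amount the next reward on this submission may have."""
    first_reward = not submission.get("monetary_rewards")
    if (first_reward
            and submission.get("substate") in FLOOR_SUBSTATES
            and _priority(submission) in (1, 2, 3, 4)):
        return max(1, submission["bounty"]["low_reward"])
    return 1  # later rewards, P5 and other substates: any amount over 0


def reward_problem(amount, submission):
    """Return a description of the rule that amount breaks, or None."""
    if isinstance(amount, bool) or not isinstance(amount, int):
        return "amount must be an integer"
    if amount <= 0:
        return "amount must be over 0"
    floor = minimum_reward(submission)
    if amount < floor:
        return f"first reward must be at least the bounty's low reward ({floor})"
    return None


def build_reward(amount, submission):
    """Body for POST /submissions/submission_uuid/rewards."""
    problem = reward_problem(amount, submission)
    if problem:
        raise ValueError(problem)
    return {"amount": amount}


def build_transition(substate, duplicate_of=None):
    """Body for POST /submissions/submission_uuid/transition."""
    if substate not in TRANSITION_SUBSTATES:
        raise ValueError(f"unsupported substate: {substate!r}")
    body = {"substate": substate}
    if substate == "duplicate":
        if not isinstance(duplicate_of, str):
            raise ValueError("duplicate_of is required when substate is duplicate")
        # uuid.UUID raises ValueError for anything that is not a UUID.
        body["duplicate_of"] = str(uuid.UUID(duplicate_of))
    elif duplicate_of is not None:
        # Stricter than the documentation: a stray duplicate_of is treated as a caller bug.
        raise ValueError("duplicate_of is only sent with substate duplicate")
    return body
```

Rewards move money, so the check is worth running against a freshly fetched Submission Object rather than a cached one whose monetary_rewards list may be stale.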
 

Attachments

 

Attachment Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| file_name | String | |
| file_size | Integer | Size in bytes |
| file_type | String | |
| s3_signed_url | URL | The signed URL will expire after 10 seconds. |

{
  "file_name": "test.jpg",
  "file_size": 4500,
  "file_type": "image/jpeg",
  "s3_signed_url": "https://bugcrowd-attachments-us-east-1-production.s3.amazonaws.com/attachments/accepted/ks92hfs8-98n8-46e0-ab35-9ad18b482dea/2017-08-08%2013.01.16.jpg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJN623VH7STEASWLA%2F20180124%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180124T025833Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=1a12p91784c12e47f8ur2cc820d448e1d5a9ca79fb7f9dd8c8fb04f6d5f70a4e"
}
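
Because the signed URL expires after 10 seconds, a client has to download each attachment immediately after listing it, and the URL acts as a bearer credential for as long as it is valid. The Python below is an added example, not Bugcrowd code: it reads the expiry from the X-Amz-Date and X-Amz-Expires query parameters visible in the sample above and redacts the signature before a URL is logged; the function names, the 2-second margin and the sample URL are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed sample with the same query layout as the s3_signed_url above.
SAMPLE_URL = (
    "https://attachments.example.invalid/attachments/test.jpg"
    "?X-Amz-Algorithm=AWS4-HMAC-SHA256"
    "&X-Amz-Credential=EXAMPLEKEYID%2F20180124%2Fus-east-1%2Fs3%2Faws4_request"
    "&X-Amz-Date=20180124T025833Z&X-Amz-Expires=10"
    "&X-Amz-SignedHeaders=host&X-Amz-Signature=constructed0signature0value"
)
# Query parameters that grant access and must never reach a log file.
SECRET_PARAMS = {"X-Amz-Signature", "X-Amz-Security-Token"}


def signed_url_expiry(url):
    """Return the UTC instant at which a SigV4 pre-signed URL stops working."""
    query = dict(parse_qsl(urlsplit(url).query))
    try:
        signed_at = datetime.strptime(query["X-Amz-Date"], "%Y%m%dT%H%M%SZ")
        lifetime = int(query["X-Amz-Expires"])
    except (KeyError, ValueError) as exc:
        raise ValueError("not a SigV4 pre-signed URL") from exc
    return signed_at.replace(tzinfo=timezone.utc) + timedelta(seconds=lifetime)


def seconds_left(url, now=None):
    """Seconds of validity remaining (negative once expired)."""
    now = now or datetime.now(timezone.utc)
    return (signed_url_expiry(url) - now).total_seconds()


def should_refetch(url, now=None, margin=2.0):
    """True when too little of the window remains to start a download.

    The caller should then request the attachment list again to obtain a
    fresh URL instead of retrying the stale one.
    """
    return seconds_left(url, now) < margin


def redact_signed_url(url):
    """Copy of the URL that is safe to log: secret parameters are masked."""
    parts = urlsplit(url)
    pairs = [
        (key, "REDACTED" if key in SECRET_PARAMS else value)
        for key, value in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return urlunsplit(parts._replace(query=urlencode(pairs)))
```

The expiry is judged by the storage service's clock, so a client with a skewed clock should rely on the margin rather than on the exact remaining time.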

View Comment Attachments

 
GET https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments
curl --request GET \
  --url https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/comments/comment_uuid/file_attachments"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "file_attachments": [
    {
      "file_name": "test.jpg",
      "file_size": 4500,
      "file_type": "image/jpeg",
      "s3_signed_url": "https://bugcrowd-attachments-us-east-1-production.s3.amazonaws.com/attachments/accepted/ks92hfs8-98n8-46e0-ab35-9ad18b482dea/2017-08-08%2013.01.16.jpg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJN623VH7STEASWLA%2F20180124%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180124T025833Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=1a12p91784c12e47f8ur2cc820d448e1d5a9ca79fb7f9dd8c8fb04f6d5f70a4e"
    }
  ]
}

Path Params

submission_uuid
string
required

Submission's UUID

comment_uuid
string
required

Comment's UUID

Headers

Accept
string
required
 

Returns an array of Attachment Objects under the file_attachments key.

View Submission Attachments

 
GET https://api.bugcrowd.com/submissions/submission_uuid/file_attachments
curl --request GET \
  --url https://api.bugcrowd.com/submissions/submission_uuid/file_attachments \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/file_attachments',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/file_attachments")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/submissions/submission_uuid/file_attachments");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/file_attachments"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "file_attachments": [
    {
      "file_name": "test.jpg",
      "file_size": 4500,
      "file_type": "image/jpeg",
      "s3_signed_url": "https://bugcrowd-attachments-us-east-1-production.s3.amazonaws.com/attachments/accepted/ks92hfs8-98n8-46e0-ab35-9ad18b482dea/2017-08-08%2013.01.16.jpg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJN623VH7STEASWLA%2F20180124%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180124T025833Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=1a12p91784c12e47f8ur2cc820d448e1d5a9ca79fb7f9dd8c8fb04f6d5f70a4e"
    }
  ]
}

Path Params

submission_uuid
string
required

Submission's UUID

Headers

Accept
string
required
 

Returns an array of Attachment Objects under the file_attachments key.

Comments

 

Comment Object

 
{
  "body_markdown": "A *message* to you *@Lily Nienow*",
  "created_at": "2017-08-25T16:11:40.203Z",
  "file_attachments_count": 2,
  "user_id": 7,
  "uuid": "da040c2a-289b-46f7-88d1-86b16462de3e"
}

| Attribute | Type or Potential Values | Notes |
|---|---|---|
| body_markdown | Text | Bugcrowd supports GitHub flavored markdown. |
| created_at | DateTime | |
| file_attachments_count | Integer | Number of file attachments on the Comment. |
| user_id | Integer | |
| uuid | UUID | |

Comment types

A submission comment can be one of two different types:

  * note
  * tester_message

A note is viewable only by crowdcontrol users who have a relevant bounty or organization role, whereas a tester_message is viewable by both crowdcontrol users and researchers.

If you would like to communicate private information to the Bugcrowd ASE team, or to an internal analyst on your company's security team, create a note. If you have any questions or information to relay to the researcher who submitted the vulnerability, create a tester_message.

Formatting

Comments are written in markdown. Bugcrowd supports GitHub flavored markdown, with some exceptions as listed in the parameters section below.

Mentioning other users

You can mention team members in a note and they will be notified of the mention. Use the following format in the comment body:

"Hi [owner@example.com], I am mentioning you in a note!"

View Comments

 
GET https://api.bugcrowd.com/submissions/submission_uuid/comments
curl --request GET \
  --url https://api.bugcrowd.com/submissions/submission_uuid/comments \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/comments',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/comments")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/submissions/submission_uuid/comments");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/comments"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "notes": [{
    "body_markdown": "A *message* to you *@Lily Nienow*",
    "created_at": "2017-08-25T16:11:40.203Z",
    "file_attachments_count": 2,
    "user_id": 7,
    "uuid": "da040c2a-289b-46f7-88d1-86b16462de3e"
  }],
  "tester_messages": [{
    "body_markdown": "A *message* to the researcher",
    "created_at": "2017-08-26T16:15:70.233Z",
    "file_attachments_count": 0,
    "user_id": 7,
    "uuid": "da04122a-285b-4r57-0921-2qasda32a232"
  }]
}

Path Params

submission_uuid
string
required

Submission's UUID

Headers

Accept
string
required
 

Returns arrays of Comment Objects under the notes and tester_messages keys.

Create a Comment

 
POST https://api.bugcrowd.com/submissions/submission_uuid/comments
curl --request POST \
  --url https://api.bugcrowd.com/submissions/submission_uuid/comments \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'POST',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/comments',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/comments")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.bugcrowd.com/submissions/submission_uuid/comments");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/comments"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("POST", url, headers=headers)

print(response.text)

{
  "notes": [{
    "body_markdown": "A *message* to you *@Lily Nienow*",
    "created_at": "2017-08-25T16:11:40.203Z",
    "file_attachments_count": 2,
    "user_id": 7,
    "uuid": "da040c2a-289b-46f7-88d1-86b16462de3e"
  }]
}

Path Params

submission_uuid
string
required

Submission's UUID

Body Params

comment
object
comment.body_markdown
string
required

Markdown enabled body of the comment. Supports most markdown except for the following restrictions:

  * escape_html: true
  * no_images: true
  * no_styles: true
  * hard_wrap: true
  * safe_links_only: true
  * autolink: false
  * tables: true
  * fenced_code_blocks: true
  * strikethrough: true
  * no_intra_emphasis: true
  * link_attributes: { rel: 'nofollow noreferrer' target: '_blank' }

Also supports user mentions. Pass the mentioned user's email address in square brackets to create a mention notification, e.g. Hi [owner@example.com]

comment.type
string

Accepted values: note or tester_message. Remember that a note is only displayed to crowdcontrol users with roles on the bounty, whereas a tester_message is also displayed to the researcher who submitted the vulnerability.

Headers

Accept
string
required
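
Since comment.type decides whether the researcher can read a comment, an integration should never leave it to a default. The Python below is an added example, not Bugcrowd code: it requires an explicit type, extracts [email] mentions in the format shown under Mentioning other users, and refuses a tester_message that contains a mention. That refusal is this example's own policy (it keeps team members' email addresses out of text the researcher can read), and the function names are hypothetical.

```python
import re

# Who can read each comment type, as described under Comment types.
AUDIENCE = {
    "note": "crowdcontrol users with a relevant bounty or organization role",
    "tester_message": "crowdcontrol users and the researcher",
}
# A mention is an email address in square brackets. The negative lookahead
# skips markdown links such as [a@b.example](mailto:a@b.example).
MENTION = re.compile(r"\[([^\[\]\s@]+@[^\[\]\s@]+)\](?!\()")


def find_mentions(body_markdown):
    """Email addresses that would receive a mention notification."""
    return MENTION.findall(body_markdown)


def build_comment(body_markdown, comment_type):
    """Return the request body for Create a Comment.

    comment_type has no default on purpose: the caller must decide whether
    the text is internal (note) or visible to the researcher (tester_message).
    """
    if comment_type not in AUDIENCE:
        raise ValueError(f"type must be one of {sorted(AUDIENCE)}")
    if not isinstance(body_markdown, str) or not body_markdown.strip():
        raise ValueError("body_markdown is required")
    mentioned = find_mentions(body_markdown)
    if comment_type == "tester_message" and mentioned:
        # Example policy: mentions belong in notes, not in researcher-visible text.
        raise ValueError(
            "tester_message would show these addresses to the researcher: "
            + ", ".join(mentioned)
        )
    return {"comment": {"body_markdown": body_markdown, "type": comment_type}}
```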
 

Priority

 

Priority Object

 
| Attribute | Type or Potential Values | Notes |
|---|---|---|
| Priority | Integer (1-5 \| nil) | Technical Severity |

{
  "priority": {
    "level": 4
  }
}

Retrieve a Priority

 
GET https://api.bugcrowd.com/submissions/submission_uuid/priority
curl --request GET \
  --url https://api.bugcrowd.com/submissions/submission_uuid/priority \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/priority',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/priority")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/submissions/submission_uuid/priority");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/priority"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "priority": {
    "level": 1
  }
}

Path Params

submission_uuid
string
required

Submission's UUID

Headers

Accept
string
required
 

Update a Priority

 
PUT https://api.bugcrowd.com/submissions/submission_uuid/priority
curl --request PUT \
  --url https://api.bugcrowd.com/submissions/submission_uuid/priority \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'PUT',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/priority',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/priority")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Put.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("PUT", "https://api.bugcrowd.com/submissions/submission_uuid/priority");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/priority"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("PUT", url, headers=headers)

print(response.text)

{
  "priority": {
    "level": 3
  }
}

Path Params

submission_uuid
string
required

Submission's UUID

Body Params

priority
object
priority.level
int32
required

The priority level the submission will be set to. Must be less than 255 characters. Must match one of: 1 - critical, 2 - high, 3 - medium, 4 - low, 5 - informational.

Headers

Accept
string
required
 

Remove a Priority

 
DELETE https://api.bugcrowd.com/submissions/submission_uuid/priority
curl --request DELETE \
  --url https://api.bugcrowd.com/submissions/submission_uuid/priority \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'DELETE',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid/priority',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid/priority")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Delete.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("DELETE", "https://api.bugcrowd.com/submissions/submission_uuid/priority");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid/priority"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("DELETE", url, headers=headers)

print(response.text)

{
  "priority": {
    "level": null
  }
}

Path Params

submission_uuid
string
required

Submission's UUID

Headers

Accept
string
required
 

Custom Field

 

Custom Field Object

 
| Attribute | Type | Notes |
|---|---|---|
| dynamic | String | Based on Custom Field Labels field_name on the Bounty |

{
  "field1": "my value"
}

Update a Custom Field

 
PUT https://api.bugcrowd.com/submissions/submission_uuid
curl --request PUT \
  --url https://api.bugcrowd.com/submissions/submission_uuid \
  --header 'accept: application/vnd.bugcrowd+json'
var request = require("request");

var options = { method: 'PUT',
  url: 'https://api.bugcrowd.com/submissions/submission_uuid',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/submissions/submission_uuid")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Put.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body
var data = JSON.stringify(false);

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("PUT", "https://api.bugcrowd.com/submissions/submission_uuid");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send(data);
import requests

url = "https://api.bugcrowd.com/submissions/submission_uuid"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("PUT", url, headers=headers)

print(response.text)

Path Params

submission_uuid (string, required): Submission's UUID

Body Params

submission (object)
submission.custom_fields (object)
submission.custom_fields.my_field (string): my_field would be replaced by the field_name of the Custom Field

Headers

Accept (string, required)

Check out Update a Submission for more information on this endpoint.

Monetary Reward Object

Attribute | Type | Notes
amount | Integer | Reward for a researcher in USD

{
  "amount": "100.00"
}

Target Object

Attribute | Type or Potential Values | Notes
name | String |
business_priority | low, medium, or high |

{
  "name": "http://acmetntproducts.com",
  "business_priority": "high"
}

Tracker User Object

Attribute | Type | Notes
display_name | String |

{
  "display_name": "Bertram Gilfoyle"
}

User Object

Attribute | Type or Potential Values | Notes
username | String | Unique

{
  "username": "researcher123"
}

Vulnerability Rating Taxonomy

 

The Vulnerability Rating Taxonomy (VRT) is our baseline bug bounty priority rating system. Use the API to retrieve data from the VRT; the following requests return specific information such as VRT versions or classifications.

Attention: No Authentication Needed

The following API endpoints are publicly available to everyone. Accessing VRT information via the API requires neither an authentication token nor a Bugcrowd account.

View Versions

GET https://api.bugcrowd.com/vrt

cURL:

curl --request GET \
  --url https://api.bugcrowd.com/vrt \
  --header 'accept: application/vnd.bugcrowd+json'

Node:

var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/vrt',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:

require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/vrt")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript:

// The VRT endpoints are public, so no credentials and no request body are sent
var xhr = new XMLHttpRequest();

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/vrt");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send();

Python:

import requests

url = "https://api.bugcrowd.com/vrt"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

["1.2","1.1","1.0"]

Headers

Accept (string, required)

Retrieve a Version

GET https://api.bugcrowd.com/vrt/version_number

cURL:

curl --request GET \
  --url https://api.bugcrowd.com/vrt/version_number \
  --header 'accept: application/vnd.bugcrowd+json'

Node:

var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/vrt/version_number',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:

require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/vrt/version_number")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript:

// The VRT endpoints are public, so no credentials and no request body are sent
var xhr = new XMLHttpRequest();

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/vrt/version_number");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send();

Python:

import requests

url = "https://api.bugcrowd.com/vrt/version_number"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

Path Params

version_number (float, required): The VRT Version number

Headers

Accept (string, required)

Retrieve a VRT Classification

GET https://api.bugcrowd.com/vrt/version_number/classification_id

cURL:

curl --request GET \
  --url https://api.bugcrowd.com/vrt/version_number/classification_id \
  --header 'accept: application/vnd.bugcrowd+json'

Node:

var request = require("request");

var options = { method: 'GET',
  url: 'https://api.bugcrowd.com/vrt/version_number/classification_id',
  headers: 
   { accept: 'application/vnd.bugcrowd+json' } };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});

Ruby:

require 'uri'
require 'net/http'

url = URI("https://api.bugcrowd.com/vrt/version_number/classification_id")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["accept"] = 'application/vnd.bugcrowd+json'

response = http.request(request)
puts response.read_body

JavaScript:

// The VRT endpoints are public, so no credentials and no request body are sent
var xhr = new XMLHttpRequest();

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.bugcrowd.com/vrt/version_number/classification_id");
xhr.setRequestHeader("accept", "application/vnd.bugcrowd+json");

xhr.send();

Python:

import requests

url = "https://api.bugcrowd.com/vrt/version_number/classification_id"

headers = {'accept': 'application/vnd.bugcrowd+json'}

response = requests.request("GET", url, headers=headers)

print(response.text)

{
  "id": "server_security_misconfiguration",
  "name":"Server Security Misconfiguration",
  "priority": null,
  "type": "category",
  "has_children": true,
  "children": {
    "id": "lack_of_security_headers",
    "name":"Lack of Security Headers",
    "priority": null,
    "type":"subcategory",
    "has_children": true,
    "children": {
      "id": "cache_control_for_a_sensitive_page",
      "name": "Cache-Control for a Sensitive Page",
      "priority": 4,
      "type": "variant",
      "has_children": false,
      "children":{},
      "version":"1.0",
      "parent": "lack_of_security_headers",
      "qualified_vrt_id": "server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_sensitive_page"
    },
    "version": "1.0",
    "parent": "server_security_misconfiguration",
    "qualified_vrt_id": "server_security_misconfiguration.lack_of_security_headers"
  },
  "version": "1.0",
  "parent": null,
  "qualified_vrt_id": "server_security_misconfiguration"
}

Path Params

version_number (float, required): The VRT Version number

classification_id (string, required): The VRT Classification ID. Parent IDs must be joined with a period (.), as in server_security_misconfiguration.using_default_credentials.

Headers

Accept (string, required)

For a lookup, join nested IDs with a period (.), as in server_security_misconfiguration.using_default_credentials.production_server. Parent IDs must be included when looking up a variant.
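The dotted lookup rule above, as an added example (not Bugcrowd's own code): it indexes a version tree by qualified ID, shows why a bare variant ID can be ambiguous, and builds the lookup URL only for IDs that exist in the tree. The tree is a constructed sample shaped like the Retrieve a Version response (a list of category nodes with optional children lists, names omitted); all function names are hypothetical.

```python
"""Resolve VRT classification ids against a version tree (added example)."""
from urllib.parse import quote

API_ROOT = "https://api.bugcrowd.com/vrt"

# Constructed sample: category nodes whose optional "children" lists hold
# subcategories and variants. "name" fields are left out for brevity.
SAMPLE_TREE = [
    {"id": "server_security_misconfiguration", "type": "category", "children": [
        {"id": "using_default_credentials", "type": "subcategory", "children": [
            {"id": "production_server", "type": "variant", "priority": 1},
            {"id": "staging_development_server", "type": "variant", "priority": 2},
        ]},
        {"id": "path_traversal", "type": "subcategory", "priority": None},
    ]},
    {"id": "broken_authentication_and_session_management", "type": "category", "children": [
        {"id": "weak_login_function", "type": "subcategory", "children": [
            {"id": "over_http", "type": "variant", "priority": 3},
        ]},
        {"id": "weak_registration_implementation", "type": "subcategory", "children": [
            {"id": "over_http", "type": "variant", "priority": 4},
        ]},
    ]},
    {"id": "other", "type": "category", "priority": None},
]


def index_tree(nodes, parents=()):
    """Return {qualified_id: node} for every node in the tree, depth first."""
    index = {}
    for node in nodes:
        path = parents + (node["id"],)
        index[".".join(path)] = node
        index.update(index_tree(node.get("children") or [], path))
    return index


def ambiguous_ids(index):
    """Map each bare id used by more than one node to its qualified ids."""
    seen = {}
    for qualified in index:
        seen.setdefault(qualified.rsplit(".", 1)[-1], []).append(qualified)
    return {bare: sorted(paths) for bare, paths in seen.items() if len(paths) > 1}


def resolve(index, classification_id):
    """Resolve a bare, partial or full dotted id to one qualified id, or raise."""
    if classification_id in index:
        return classification_id
    matches = sorted(q for q in index if q.endswith("." + classification_id))
    if len(matches) == 1:
        return matches[0]
    if not matches:
        raise KeyError(f"unknown VRT id: {classification_id!r}")
    raise ValueError(f"{classification_id!r} is ambiguous: {matches}")


def lookup_url(index, version, classification_id):
    """Build the classification lookup URL, accepting only ids found in the index."""
    qualified = resolve(index, classification_id)
    return f"{API_ROOT}/{quote(str(version), safe='')}/{quote(qualified, safe='')}"


def priorities(index):
    """Return {qualified_id: priority} for nodes that carry a numeric priority."""
    return {q: n["priority"] for q, n in index.items() if n.get("priority") is not None}


if __name__ == "__main__":
    idx = index_tree(SAMPLE_TREE)
    print(ambiguous_ids(idx))
    print(lookup_url(idx, "1.2", "production_server"))
    # An ambiguous bare id and an id that is not in the tree are both rejected
    for bad in ("over_http", "../submissions"):
        try:
            lookup_url(idx, "1.2", bad)
        except (KeyError, ValueError) as exc:
            print("rejected:", exc)
```

Because only IDs present in the fetched tree are placed into the URL, a value taken from a report or a form field cannot add path segments of its own to the request.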