Submission Page

The Submissions page provides a snapshot of the vulnerabilities you have reported. Go to the Work tab and click Submissions.

work-submissions

You can view the current state of a submission, the number of comments, accepted submissions, the amount and points rewarded.

submissions-page

From this page, you can:

Finding a Specific Submission

Using the search bar on the page, you can select a pre-defined filter to find submissions based on their current status or you can build your own by specifying exact variables.

filter

If you need information about the search operators, click Search Help.

search-help

Monitor Submission Activity

You can view the history of all events logged for your submission, in the order in which they occurred, the comments you have added, the Bugcrowd staff, or the Program Owner(s) have added. You can also see if there is any activity on your submission, when there is any communication between Bugcrowd staff and the customer, or Bugcrowd staff internally. To view the activities, go to the Work tab, then go to Submissions and click on the submission for which you wish to view the activity.

program-activity-feed

Activities tracked include:

  • Adjustments made to a submission’s priority
  • Changes to the submission status
  • Monetary and point rewards
  • Any comments made on the submission. The Activity feed populates when any messages are sent, in the following scenarios:

    • When Bugcrowd staff or the customer sends a public message, you can see the activity, the content of message as well as the sender’s name and avatar.

    • When Bugcrowd staff or the customer sends a private message to you, only you can see the activity and the content of the message. You can also see the name and avatar of the sender.

    • When Bugcrowd staff sends a message internally to Bugcrowd staff and do not choose to hide it from the researchers and the customer. You can see the activity, however the content of the message, avatar, and sender’s name is redacted.

    • When Bugcrowd staff or the customer sends private messages to each other, you can see the activity. However, the content of the message, sender’s name, and avatar is redacted.

All activities on your submission also appear in the Activity tab of your Dashboard page.

dashboard-activity-feed

Viewing Edited Submission

Sometimes, the submitted vulnerability report may not be fully complete or may contain unintentional errors. ASEs can submit edits for these reports and the changes will be shared with the submitting researcher. The customer will receive the edited submission details for review and reward. Researchers will be able to see their original and edited submission side-by-side, and can learn about the changes and leverage them for their future submissions. For more details, see improving report quality through submission editing by Bugcrowd ASE.

activity

Commenting on a Submission

Program owners and the Bugcrowd staff use comments to communicate with you on your submissions. Generally, you will receive a comment on your submission if you must provide additional information in your report. This is required to complete the triage process.

When a submission receives a new comment or has a blocker, an e-mail notification is sent to you. You can click on the link in the e-mail or log into Bugcrowd to respond.

To respond to a comment, go to the submission, and add your comment in the text box as shown.

comment

Click Send Message to send your response.

Blockers

Submission blockers notify you if a user is blocked and requires an action or additional information from you to proceed. For more information, see blockers.