@julianlam said in Discussion of NodeBB Updates:
We don't quite know what we're going to do with respect to a bug bounty system yet, but we're more than happy to establish one privately and see where that goes. At the start we're matching Discourse's payout strategy:
discourse had a payout strategy?
@julianlam said in Discussion of NodeBB Updates:
High โ XSS exploits ($256)
Fuck, i gave away free discourse XSS for nothing and then got a pittance of a donation of $25 later, only because i'd submitted a required # of bugs to their shitty forum too?
@julianlam said in Discussion of NodeBB Updates:
- I want to point out here, that I'm not a security researcher, nor do I have much exposure to the pentesting community, and so if the prices I was quoted are in the standard range, then I am the one who is misinformed. The last thing I want to do here is come off as hypocritical.
hell, you're willing to pay for security, you're already 1 step ahead of