Program Note for 1Password Ongoing
Thank you for all of your great work on the 1Password program.
This is not an easy web target (for instance, running scanners is unlikely to help you here, and standard XSS-type injections won't yield much either). That being said, 1Password is committed to helping you succeed on this program.
To this end, they've setup a researcher vault with additional, helpful information, that requires your opt-in to receive an invite.
You can opt-in by emailing
firstname.lastname@example.org, provide your @bugcrowdninja email, and you'll be provisioned account access to the vault where 1Password provides supplemental information for testing against the application - including documentation on real issues that were recently found (so as to give direction towards where more issues may be present) and more.
The Bugcrowd Researcher Operations Team