Bath & Body Works Vulnerability Disclosure Program

Bath & body works, Inc. makes the world a brighter, happier place through the power of fragrance. Please submit your findings to this Vulnerability Disclosure Program.

  • Safe harbor
Submit report

We no longer offer point rewards for submissions on this program. Please refer to our blog post: How Bugcrowd sees VDPs and points for more details.

Program stats

  • Vulnerabilities accepted 0
  • Validation within 2 days 75% of submissions are accepted or rejected within 2 days

Latest hall of famers

View all 15

Recently joined this program

41 total

No technology is perfect and Bath & body works believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. We are excited for you to participate as a security researcher to help us identify vulnerabilities in our target. Good luck, and happy hunting!

Ratings/Rewards:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Scope

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

Learn more about Bugcrowd’s VRT.