BigCommerce
- $50 – $2,500 per vulnerability
New Targets added
We hope your testing is going well. Here is an update that should make things a bit more interesting!
There have been some recent changes/updates to (TARGET) on the BigCommerce program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new: (list all updated scope below):
| Name | URL | Description | Change | Severity |
|---|---|---|---|---|
| Bigcommerce.com | *.bigcommerce.com | Bugs reported on these domains will now be accepted on a case-by-case basis | Added | High |
| Bigcommerce.net | *.bigcommerce.net | Bugs reported on these domains will now be accepted on a case-by-case basis | Added | Medium |
| mybigcommerce.com | *.your-store.mybigcommerce.com | Bugs reported on these domains will now be accepted on a case-by-case basis | Added | Medium/Low |
iOS Application: https://apps.apple.com/au/app/bigcommerce/id1418570678
Android Application: https://play.google.com/store/apps/details?id=com.bigcommerce.mobile
We handle exceptions in the above Scope on a case-by-case basis.
As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.
Looking forward to hear from you all.
Remember to Out hack `em all.
