K15t

Apps to Amplify the Atlassian Experience for Everybody

  • $100 – $1,500 per vulnerability
Submit report

Program stats

  • Vulnerabilities rewarded 54
  • Validation within 7 days 75% of submissions are accepted or rejected within 7 days
  • Average payout $900 within the last 3 months

Latest hall of famers

View all 28

Recently joined this program

121 total

Founded in 2009, K15t GmbH specializes in app development and services for the Atlassian products. With its Scroll apps for Confluence, it is the leading provider of extensions for collaborative content management on the Confluence platform. Backbone Issue Sync extends this collaborative approach to Jira by synchronizing Jira issues across projects and instances for seamless inter-team collaboration.

Get Started

(tl;dr version)

  • Do not access data of, modify, destroy or otherwise negatively impact Atlassian and K15t customers, or customer data in any way.
  • Please pay attention if the app you are testing is in scope for Cloud or Data Center.
  • Ensure you understand the targets, scopes, exclusions, and rules below - no public disclosure without prior consent.

Please No Load testing (DoS/DDoS etc) on the instance. This includes application DoS as well as network DoS.

Please ensure you're being non-destructive whilst testing and are only testing using accounts and instances created via the instructions under "Creating your instance". Any testing/spamming live support portals or Marketplace sites will disqualify you and you will be banned from Atlassian programs.

How to setup your test environment

How to set up Cloud instances

  1. Create an Atlassian Confluence, Jira or Jira Service Desk Cloud instance here using your @bugcrowdninja.com email address.
  2. Install the live version of the in-scope apps from the Atlassian marketplace
  3. Get a free trial license, make sure to unsubscribe before the billing cycle starts (after 30 days). Alternatively, you can pay for the Atlassian Cloud instance and App you test, there is currently no way for Cloud vendors to supply you with a promotion code or free Cloud license.
  4. Start from 1. after 30 days

How to set up Data Center instances

  1. Navigate to www.atlassian.com and download the Data Center version of the product you want to test
  2. Install it and generate a trial license for the product
  3. Install the latest version of the in-scope apps from the Atlassian marketplace and use a timebomb license or start a trial license for each app
  4. Start testing

Target Apps in Scope

Apps in Scope for Cloud

Backbone Issue Sync for Jira

You must first setup a Jira Cloud instance and then install Backbone Issue Sync from the Atlassian marketplace. Start testing by creating synchronizations between projects and across Jira Cloud instances. To test Backbone Issue Sync with cross-instance synchronization to the full extent you will need two Jira Cloud or Jira Service Desk Cloud instances.
Please see our documentation for Backbone Issue Sync for more details.

Scroll Exporter apps for Confluence

You must first set up a Confluence cloud instance and then install Scroll PDF Exporter, Scroll Word Exporter, or Scroll HTML Exporter along with the Scroll Exporter Extensions app from the Atlassian marketplace. Start testing by exporting Confluence pages using our PDF, Word, and HTML exporters. Create custom export templates for PDF, Word, and HTML exports and add macros and features from the Scroll Exporter Extensions app to your Confluence pages.
Please see our documentation about the PDF, Word, or HTML exporters as well as the exporter extensions for more details.

Scroll Documents for Confluence

You must first set up a Confluence Cloud instance and install Scroll Documents for Confluence from the Atlassian Marketplace. Start testing by creating a new document. Copy the document, create versions of it, apply restrictions to it, compare versions or copies, and create read requests.
Please see our documentation for Scroll Documents for more details.

Variants for Scroll Documents

This is an extension to Scroll Documents for Confluence. Please first install that app and then install Variants for Scroll Documents from the Atlassian Marketplace.
Please see the variants-specific section of our documentation for more details.

Translations for Scroll Documents

This is an extension to Scroll Documents for Confluence. Please first install that app and then install Translations for Scroll Documents from the Atlassian Marketplace.
Please see the translations-specific section of our documentation for more details.

Scroll Imagemap for Confluence

You must first set up a Confluence Cloud instance and install Scroll ImageMap for Confluence from the Atlassian Marketplace. Start testing by adding a new ImageMap macro. Upload an image. Add clickable link areas to other pages in Confluence or external URLs. Use different link area shapes, edit links and tooltips.
Please see our documentation for Scroll ImageMap for more details.

Scroll Viewport for Confluence

You must first set up a Confluence Cloud instance and install Scroll Viewport for Confluence from the Atlassian Marketplace. Start by creating a site, configuring the theme and previewing and publishing sites - creating, configuring and publishing a site is only available to Confluence administrators and members of the scroll-viewport-admins group.
Please see our documentation for Scroll Viewport for more details.

Scroll Content Quality for Confluence

You must first set up a Confluence Cloud instance and install Scroll Content Quality for Confluence from the Atlassian Marketplace.
Start testing by enabling it in a space and then check some pages. See our getting started docs for more details.

Apps in Scope for Data Center

Scroll Exporter apps for Confluence

You must first set up a Confluence Data Center instance and then install Scroll PDF Exporter, Scroll Word Exporter, and the Scroll HTML Exporter from the Atlassian marketplace. Start testing by exporting Confluence pages using our exporters. Create custom export templates for PDF, Word, and HTML exports and add macros and features to your Confluence pages.
Please see our documentation about the PDF, Word, and HTML exporters for more details.

Scroll Documents for Confluence

You must first set up a Confluence Data Center instance and install Scroll Documents for Confluence from the Atlassian Marketplace. Start testing by creating a new document. Copy the document, create versions of it, apply restrictions to it, compare versions or copies, and create read requests.
Please see our documentation for Scroll Documents for more details.

Variants for Scroll Documents

This is an extension to Scroll Documents for Confluence. Please first install that app and then install Variants for Scroll Documents from the Atlassian Marketplace.
Please see the variants-specific section of our documentation for more details.

Translations for Scroll Documents

This is an extension to Scroll Documents for Confluence. Please first install that app and then install Translations for Scroll Documents from the Atlassian Marketplace.
Please see the translations-specific section of our documentation for more details.

Scroll Imagemap for Confluence

You must first set up a Confluence Data Center instance and install Scroll ImageMap for Confluence from the Atlassian Marketplace. Start testing by adding a new ImageMap macro. Upload an image. Add clickable link areas to other pages in Confluence or external URLs. Use different link area shapes, edit links and tooltips.
Please see our documentation for Scroll ImageMap for more details.

Scroll Versions for Confluence

You must first set up a Confluence Data Center instance and then install Scroll Versions from the Atlassian marketplace. Start testing by following our Get Started Guide.
Please see our documentation for Scroll Versions for more details.

Scroll Translations for Confluence

You must first set up a Confluence Data Center instance and then install Scroll Translations from the Atlassian marketplace. Start testing by following our Get Started Guide.
Please see our documentation for Scroll Translations for more details.

Scroll Viewport for Confluence

You must first set up a Confluence Data Center instance and then install Scroll Viewport from the Atlassian marketplace. Start testing by creating Confluence spaces and pages and publishing them as Viewports using our app. More advanced configurations can integrate content from Scroll Versions and Scroll Translations (see above) into a Viewport. Note that Confluence and space administrators can add custom Velocity, JS, CSS and HTML to Viewports - this is a feature of the app. Users with only View and Edit permission should not be able to do that - e.g. by including malicious payload into Confluence pages.
Please see our documentation for Scroll Viewport for more details.

Ratings/Rewards:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please submit through the Bugcrowd Support Portal. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.