1Shoppingcart.com

Web.com and its subsidiaries, including 1ShoppingCart, maintain multiple website builders that allow you varying access to the HTML of your own page. XSS findings on these HTML editors is not available for payout, as this is a feature not a bug. If it can be demonstrated that, using these features, one is able to steal sessions, make malicious requests, or exfiltrate data across accounts, these findings will be rewarded. Simple XSS in HTML meant to be controlled by the customer, however, is not. Thank you all for your continued work, and be sure to check out the new RCE bonus reward. Happy hunting!