50076 policies in database
Link to program      
2021-06-24
K15t logo
Thank
Gift
HOF
Reward

Reward

100 $ 

K15t

Founded in 2009, K15t GmbH specializes in app development and services for the Atlassian products. With its Scroll apps for Confluence, it is the leading provider of extensions for collaborative content management on the Confluence platform. Backbone Issue Sync extends this collaborative approach to Jira by synchronizing Jira issues across projects and instances for seamless inter-team collaboration.

Get Started

(tl;dr version)

  • Do not access data of, modify, destroy or otherwise negatively impact Atlassian and K15t customers, or customer data in any way.
  • Please pay attention if the app you are testing is in scope for Cloud or Data Center.
  • Ensure you understand the targets, scopes, exclusions, and rules below - no public disclosure without prior consent.

Please No Load testing (DoS/DDoS etc) on the instance. This includes application DoS as well as network DoS.

Please ensure you're being non-destructive whilst testing and are only testing using accounts and instances created via the instructions under "Creating your instance". Any testing/spamming live support portals or Marketplace sites will disqualify you and you will be banned from Atlassian programs.

How to setup your test environment

How to set up Cloud instances

  1. Create an Atlassian Confluence, Jira or Jira Service Desk Cloud instance here using your @bugcrowdninja.com email address.
  2. Install the live version of the in-scope apps from the Atlassian marketplace
  3. Get a free trial license, make sure to unsubscribe before the billing cycle starts (after 30 days). Alternatively, you can pay for the Atlassian Cloud instance and App you test, there is currently no way for Cloud vendors to supply you with a promotion code or free Cloud license.
  4. Start from 1. after 30 days

How to set up Data Center instances

  1. Navigate to www.atlassian.com and download the Data Center version of the product you want to test
  2. Install it and generate a trial license for the product
  3. Install the latest version of the in-scope apps from the Atlassian marketplace and use a timebomb license or start a trial license for each app
  4. Start testing

Target Apps in Scope

Apps in Scope for Cloud

Backbone Issue Sync for Jira

You must first setup a Jira Cloud instance and then install Backbone Issue Sync from the Atlassian marketplace. Start testing by creating synchronizations between projects and across Jira Cloud instances. To test Backbone Issue Sync with cross-instance synchronization to the full extent you will need two Jira Cloud or Jira Service Desk Cloud instances.
Please see our documentation for Backbone Issue Sync for more details.

Scroll Exporter apps for Confluence

You must first set up a Confluence cloud instance and then install Scroll PDF Exporter, Scroll Word Exporter along with the Scroll Exporter Extensions app from the Atlassian marketplace. Start testing by exporting Confluence pages using our PDF and Word exporters. Create custom export templates for PDF and Word exports and add macros and features from the Scroll Exporter Extensions app to your Confluence pages.
Please see our documentation about the PDF or Word exporters as well as the exporter extensions for more details.

Scroll Documents for Confluence

You must first set up a Confluence Cloud instance and install Scroll Documents for Confluence from the Atlassian Marketplace. Start testing by creating a new document. Copy the document, create versions of it, apply restrictions to it, compare versions or copies, and create read requests.
Please see our documentation for Scroll Documents for more details.

Scroll Imagemap for Confluence

You must first set up a Confluence Cloud instance and install Scroll ImageMap for Confluence from the Atlassian Marketplace. Start testing by adding a new ImageMap macro. Upload an image. Add clickable link areas to other pages in Confluence or external URLs. Use different link area shapes, edit links and tooltips.
Please see our documentation for Scroll ImageMap for more details.

Scroll Viewport for Confluence

You must first set up a Confluence Cloud instance and install Scroll Viewport for Confluence from the Atlassian Marketplace. Start by creating a site, configuring the theme and previewing and publishing sites - creating, configuring and publishing a site is only available to Confluence administrators and members of the scroll-viewport-admins group.
Please see our documentation for Scroll Viewport for more details.

Apps in Scope for Data Center

Scroll Exporter apps for Confluence

You must first set up a Confluence Data Center instance and then install Scroll PDF Exporter, Scroll Word Exporter, and the Scroll HTML Exporter from the Atlassian marketplace. Start testing by exporting Confluence pages using our exporters. Create custom export templates for PDF, Word, and HTML exports and add macros and features to your Confluence pages.
Please see our documentation about the PDF, Word, and HTML exporters for more details.

Scroll Versions for Confluence

You must first set up a Confluence Data Center instance and then install Scroll Versions from the Atlassian marketplace. Start testing by following our Get Started Guide.
Please see our documentation for Scroll Versions for more details.

Scroll Translations for Confluence

You must first set up a Confluence Data Center instance and then install Scroll Translations from the Atlassian marketplace. Start testing by following our Get Started Guide.
Please see our documentation for Scroll Translations for more details.

Ratings/Rewards:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

In Scope

Scope Type Scope Name
web_application

https://marketplace.atlassian.com/apps/1215199/backbone-issue-sync-for-jira?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/1217608/scroll-documents-for-confluence?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/7019/scroll-pdf-exporter-for-confluence?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/24982/scroll-word-exporter-for-confluence?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/1217037/scroll-exporter-extensions?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/253/scroll-imagemap-for-confluence?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/1211636/scroll-viewport-for-confluence?hosting=cloud

web_application

https://marketplace.atlassian.com/apps/7019/scroll-pdf-exporter-for-confluence?hosting=datacenter

web_application

https://marketplace.atlassian.com/apps/24982/scroll-word-exporter-for-confluence?hosting=datacenter

web_application

https://marketplace.atlassian.com/apps/420604/scroll-html-exporter-for-confluence?hosting=datacenter

web_application

https://marketplace.atlassian.com/apps/1210818/scroll-versions-for-confluence?hosting=datacenter

web_application

https://marketplace.atlassian.com/apps/1211616/scroll-translations-for-confluence?hosting=datacenter

web_application

https://marketplace.atlassian.com/apps/253/scroll-imagemap-for-confluence?hosting=datacenter&tab=overview

web_application

https://marketplace.atlassian.com/apps/1215199/backbone-issue-sync-for-jira?hosting=datacenter&tab=overview

web_application

https://marketplace.atlassian.com/apps/1217608/scroll-documents-for-confluence?hosting=datacenter&tab=overview

Out of Scope

Scope Type Scope Name
undefined

Any other subdomains of k15t.com, including but not limited to www.k15t.com, www.k15t.de and help.k15t.com

web_application

https://marketplace.atlassian.com/*


This policy crawled by Onyphe on the 2021-06-24 is sorted as bounty.

FireBounty © 2015-2024

Legal notices | Privacy policy