Overstock's Vulnerability Disclosure Page!
Overstock.com encourages you to responsibly report any security issues you're able to identify on Overstock.com!
For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.
| Scope Type | Scope Name |
|---|---|
| android_application | Overstock Android Mobile App |
| api | http(s)://api.overstock.com |
| api | checkout.overstockgovernment.com |
| ios_application | Overstock iOS Mobile App |
| web_application | www.overstock.com |
| web_application | cars.overstock.com |
| web_application | pets.overstock.com |
| web_application | *.overstock.com |
| web_application | *.supplieroasis.com |
| web_application | overstockgovernment.com |
| web_application | *.overstockgovernment.com |
| Scope Type | Scope Name |
|---|---|
| web_application | *.handmade.com |
| web_application | financehub.overstock.com |
| web_application | investors.overstock.com |
| web_application | blog.overstock.com |
| web_application | help.overstock.com |
| web_application | miq.overstock.com |
| web_application | snow.overstock.com |
| web_application | hotels.overstock.com |
This program feature scope type like api, android_application, ios_application, web_application.
FireBounty © 2015-2024
