While researching, we'd like to ask you to refrain from:
The PoC must work on the master branch of https://github.com/notepad-plus- plus/notepad-plus-plus __, or the latest build. Older builds are explicitly out of scope.
Vulnerabilities are to be evaluated given contemporary computer architectures.
The PoC must work on the respective repository trunk heads or the latest released version. Older builds are explicitly out of scope.
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Unfortunately, we cannot offer any financial rewards right now, as this project is open-source without any revenue. We hope that public credit listed on our thanks page and the feeling of having done good may be gratifying.
Thank you for helping keep Notepad++ and our users safe!
|Scope Type||Scope Name|
This program have been found on Hackerone on 2019-08-06.