Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

/engagements/overstockvdp

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (7)

Asset	Category	Bounty	Quick Links
https://*.bedbathandbeyond.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://*.supplieroasis.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://api.bedbathandbeyond.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://apps.apple.com/us/app/overstock-com-mobile-shopping/id339883869	IOS	No	-
https://edge.supplieroasis.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://play.google.com/store/apps/details?id=com.overstock&hl=en_US	ANDROID	No	Play Store APKPure APKMirror
www.bedbathandbeyond.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Out-of-Scope Assets (2)

Asset	Category	Bounty
help.overstock.com	URL	No
investors.overstock.com	URL	No