Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
owasp-vdp-pro
3
In Scope
3
Out of Scope
In-Scope Assets (3)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| All publicly accessible OWASP systems | OTHER | No | - | |
| https://owasp.org/ | URL | No | ||
| https://www.owasp.community/ | URL | No |
Out-of-Scope Assets (3)
| Asset | Category | Bounty | |
|---|---|---|---|
| Donation/Payment Gateways | OTHER | No | |
| GlueUp | OTHER | No | |
| Membership Portal | OTHER | No |
Scope Changes (30)
Mar 5, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | donation/payment gateways | OTHER | Out of Scope | 22:32 |
| Added | glueup | OTHER | Out of Scope | 22:32 |
| Added | membership portal | OTHER | Out of Scope | 22:32 |
| Added | https://owasp.org/ | URL | In Scope | 22:32 |
| Added | https://www.owasp.community/ | URL | In Scope | 22:32 |
| Added | all publicly accessible owasp systems | OTHER | In Scope | 22:32 |
| Added | https://owasp.org/ | URL | In Scope | 22:32 |
| Added | donation/payment gateways | OTHER | Out of Scope | 22:32 |
| Added | glueup | OTHER | Out of Scope | 22:32 |
| Added | membership portal | OTHER | Out of Scope | 22:32 |
| Added | https://www.owasp.community/ | URL | In Scope | 22:32 |
| Added | all publicly accessible owasp systems | OTHER | In Scope | 22:32 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | donation/payment gateways | OTHER | Out of Scope | 19:15 |
| Added | https://www.owasp.community/ | URL | In Scope | 19:15 |
| Added | membership portal | OTHER | Out of Scope | 19:15 |
| Added | glueup | OTHER | Out of Scope | 19:15 |
| Added | https://owasp.org/ | URL | In Scope | 19:15 |
| Added | all publicly accessible owasp systems | OTHER | In Scope | 19:15 |
| Added | all publicly accessible owasp systems | WILDCARD | In Scope | 17:14 |
| Added | donation/payment gateways | OTHER | Out of Scope | 17:14 |
| Added | glueup | OTHER | Out of Scope | 17:14 |
| Added | membership portal | OTHER | Out of Scope | 17:14 |
| Added | https://www.owasp.community/ | URL | In Scope | 17:14 |
| Added | https://owasp.org/ | URL | In Scope | 17:14 |
| Added | donation/payment gateways | OTHER | Out of Scope | 17:14 |
| Added | glueup | OTHER | Out of Scope | 17:14 |
| Added | membership portal | OTHER | Out of Scope | 17:14 |
| Added | https://www.owasp.community/ | URL | In Scope | 17:14 |
| Added | all publicly accessible owasp systems | OTHER | In Scope | 17:14 |
| Added | https://owasp.org/ | URL | In Scope | 17:14 |