Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
owaspjavasanitizer
1
In Scope
0
Out of Scope
In-Scope Assets (1)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | OTHER | No | - |
Scope Changes (5)
Mar 5, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | OTHER | In Scope | 22:37 |
| Added | https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | OTHER | In Scope | 22:37 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | URL | In Scope | 19:20 |
| Added | https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | OTHER | In Scope | 17:19 |
| Added | https://github.com/OWASP/OWASPBugBounty/tree/master/JavaHTMLSanitizer/war-files | OTHER | In Scope | 17:19 |