Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

/engagements/xero-vdp-pro

BugcrowdView on Bugcrowd
RawAI Enhanced
13
In Scope
0
Out of Scope

In-Scope Assets (13)

AssetCategoryBountyQuick Links
*.api.xero.comURLNo
https://apps.xero.comURLNo
https://bankaccounts.xero.comURLNo
https://central.xero.comURLNo
https://fixedassets.xero.comURLNo
https://go.xero.comURLNo
https://identity.xero.comURLNo
https://login.xero.comURLNo
https://my.xero.comURLNo
https://payroll.xero.comURLNo
https://reporting.xero.comURLNo
https://www.xero.com/{region}/advisors URLNo
https://xero.comURLNo