franceconnect-proconnect-public
YesWeHackView on YesWeHack
5
In Scope
4
Out of Scope
In-Scope Assets (5)
| Asset | Category | Quick Links | |
|---|---|---|---|
| FranceConnect (see program description for github link) | URL | - | |
| FranceConnect+ (see program description for github link) | URL | - | |
| Specific scenarios (see program description) | OTHER | - | |
| User Dashboard (see program description for github link) | URL | - | |
| eIDAS Bridge (see program description for github link) | URL | - |
Out-of-Scope Assets (4)
| Asset | Category | |
|---|---|---|
| All partners and all mocks are out of scope (but you can use the deployed mocks at your discretion to attack the scope). | OTHER | |
| The production environment (*.gouv.fr) is out of scope. | OTHER | |
| The local stack (*.docker.dev-franceconnect) is a powerful tool for you to understand the internals processes but is out of scope (the exploit should as well work in the scope to qualify). | OTHER | |
| https://fcp.integ01.dev-franceconnect.fr | OTHER |