yinyaptopus
commented
1 year ago Hi Igibek,
Thank you for letting us know. We operate public bug bounty programs via Bugcrowd and you can join that program here if you like:
- Octopus.com bug bounty program - https://bugcrowd.com/octopus-og
- Octopus server bug bounty program - https://bugcrowd.com/octopus-deploy
We really appreciate the work that you do behind the scenes.
Important: please ensure that you've read our scope first, and that you stay within scope.
Regards, and happy bug hunting!
Hello!
I hope you are doing well!
We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.
Can you enable it, so that we can report it?
Thanks in advance!
PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository