Security/Web Bug Rotation: Difference between revisions

Adding boilerplate comment to add once the bug is fixed
(Add section on what to do after verification)
(Adding boilerplate comment to add once the bug is fixed)
 
Line 41: Line 41:
= Vulnerability Mitigation process =
= Vulnerability Mitigation process =


When the reported vulnerability is mitigated, the engineer that did the work should change the bug status from '''NEW''' to '''FIXED'''
When the reported vulnerability is mitigated, the engineer that did the work should change the bug status from '''NEW''' to '''FIXED'''. The engineer or bug bounty triager should then add a comment to the bug so the reporter knows what happens next. That comment should be
 
<blockquote>
Thanks very much for reporting this issue to us. Now that the issue is fixed, the bug bounty team will be reviewing your report over the upcoming weeks to make a determination of what if any award Mozilla will be granting for this report. It may take up to 3 weeks but know that we've not forgotten this ticket, we have a tracking system and a review cadence that will ensure that all potentially bounty eligible reports get reviewed and acted on.
</blockquote>


=Bounty=
=Bounty=
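Review bot: in the sentence added under "Vulnerability Mitigation process", "The engineer or bug bounty triager should then add a comment" leaves ownership of the comment open, so it can be posted twice or not at all. Name one role as responsible and the other as fallback. The same sentence ends at "That comment should be" with no punctuation before the blockquote, so close it with a colon. In the boilerplate text, "what if any award" reads more clearly as "what, if any, award", and "It may take up to 3 weeks but know that" is better split into two sentences.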