Yes! As program administrators, you can customize the form where hackers submit their vulnerability reports. We currently support customizable introduction text and hiding or disabling vulnerability types. If you have additional customizations you'd like to make, please contact us.
To get started configuring your submission form page, visit Settings > Submission Form.
Introduction Text Configuration
This allows you to customize the introduction text shown at the top of report submission page. You can highlight important information from your policy and bounty eligibility; you can also specify attributes of a good report, address frequently asked questions, or provide any additional guidance for hackers.
Report Template Configuration
This allows you to configure a Markdown-based report template that will be pre-populated in the Issue Information field on the submission page. This can be useful in guiding hackers to submit the pieces of information you are looking for when going through reports. For further detail, see What are Report Templates?
Vulnerability Type Configuration
All vulnerability types are shown without instructions by default. You can choose to show (with or without instructions), hide, or disable any of the available vulnerability types.
If you hide a vulnerability type, it disappears from the submission page and is no longer available to be selected by hackers.
If you choose to show a vulnerability type with special instructions, the instructions will be shown to hackers on the submission page upon selection.
If you disable a vulnerability type, it is still listed on the submission form but attempting to select it triggers a contextual message to the researchers, and submission is disallowed.