Help Center

What are Report Templates?

One of the most important elements of running a successful bug bounty campaign is ensuring you get high quality reports. Part of this is ensuring that hackers are providing you with all the information you need to verify and validate the report. This is where Report Templates can be helpful.

Instead of the report submission form being an empty white box where the hacker has to remember to submit the right details, a Report Template can prompt them for the details you need.

The idea is simple: you create a (Markdown powered) template and when a hacker submits a new report, that template is pre-loaded, which can then request certain types of information. To add a Report Template, just navigate to Team Settings > Program > Submit Report Form, add the template to the box and click Update.

 

Hackers submitting reports to your program will then be greeted with a pre-populated Issue information box, assuming no report draft has previously been saved.

An Example

As an example, let’s assume you have a mobile app. You may want the following template to gather additional details:

> Thanks for submitting a report! Please replace *all* the [square] sections below with the pertinent details. You can remove this paragraph before you submit.

**Summary:** [add summary of the vulnerability]

**App Version:** [add app version here]
**App OS:** [add OS here and version]

## Steps to Reproduce:

  1. [add step]
  1. [add step]

As you can see, this template makes it clear what information the hacker is expected to submit.

Sample Templates

To help you get started, here are some sample templates for different types of applications.

Web Application

> NOTE! Thanks for submitting a report! Please replace *all* the [square] sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report!

**Summary:** [add summary of the vulnerability]

**Description:** [add more details about this vulnerability]

## Browsers Verified In:

  * [add each browser and version number tested in]
  * [add each browser and version number tested in]

## Steps To Reproduce:

(Add details for how we can reproduce the issue)

  1. [add step]
  1. [add step]
  1. [add step]

## Supporting Material/References:

  * List any additional material (e.g. screenshots, logs, etc.)

Mobile Application

> NOTE! Thanks for submitting a report! Please replace *all* the [square] sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report!

**Summary:** [add summary of the vulnerability]

**Description:** [add more details about this vulnerability]

## Versions Affected:

  * [list each version and OS of the application affected]
  * [list each version and OS of the application affected]

## Steps To Reproduce:

(Add details for how we can reproduce the issue)

  1. [add step]
  1. [add step]
  1. [add step]

## Supporting Material/References:

  * List any additional material (e.g. screenshots, logs, etc.)

Server Application

> NOTE! Thanks for submitting a report! Please replace *all* the [square] sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling out the report!

**Summary:** [add summary of the vulnerability]

**Description:** [add more details about this vulnerability]

## Releases Affected:

  * [list each version and OS of the application affected]
  * [list each version and OS of the application affected]

## Steps To Reproduce:

(Add details for how we can reproduce the issue)

  1. [add step]
  1. [add step]
  1. [add step]

## Supporting Material/References:

  * List any additional material (e.g. screenshots, logs, etc.)
Have more questions? Submit a request
Powered by Zendesk