Bug Report

A report submitted on BugBase contains comprehensive information about a vulnerability. The pointers below will help you understand how to analyse a report on BugBase.

A Bug Report has the following information in it:

  1. Report Title

  2. Report ID

  3. Vulnerability Category

  4. Affected Asset

  5. Affected URL (Optional)

  6. Severity Score (CVSS)

  7. Priority (Based on Severity Score)

  8. Vulnerability Impact

  9. Proof Of Concept (POC) of the Vulnerability

  10. Brief Summary of the Vulnerability

  11. Attachments along with the POC (Optional)

  12. Status of the Report

  13. Reporter Details (Username of the Reporter)

The company representative can converse with the reporter about the details of the vulnerability and discuss impact and remediations.

A chat function is provided in the Report View for quickly resolving doubts with the reporter when more context is required on the POC.

Bug reports can also be moved to a different program in the same organization; companies usually do this to segregate reports by scope or confidentiality.

Reporters are provided with an alias email by BugBase, in the format [username]@teambugbase.com, on which the reporter can receive emails. If any sensitive information is to be shared with the reporter, you can use the alias email to contact them.
