20 points | by virgildotcodes 10 hours ago
4 comments
Up to, so you will get like 1000USD, like another fool who decided to participate in bug bounty.
https://9to5mac.com/2025/07/31/apple-security-bounties-pay-u...
Because that XSS wasn’t actually critical, the CVSS string was also incorrect because it was filled out by the researcher and wasn’t actually assessed by NVD.
Even if you get the maximum amount, that is still less than the NSO (recently acquired by "Investors") would offer for a zero-day.
Earlier: https://news.ycombinator.com/item?id=45536948
Up to, so you will get like 1000USD, like another fool who decided to participate in bug bounty.
https://9to5mac.com/2025/07/31/apple-security-bounties-pay-u...
Because that XSS wasn’t actually critical, the CVSS string was also incorrect because it was filled out by the researcher and wasn’t actually assessed by NVD.
Even if you get the maximum amount, that is still less than the NSO (recently acquired by "Investors") would offer for a zero-day.
Earlier: https://news.ycombinator.com/item?id=45536948