Wormable XSS in Twitter

I totally agree with you. In my experience as well, bug bounty platforms only ever care about their paying clients. If a dispute ever happens, researchers have basically no means of verifying any claim whatsoever—and there’s no such thing as a fair treatment policy. If you do make such a site someday, I’ll be happy to supply you with content 🙂

Leave a Reply