HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Do NOT use this forum for HackerOne type activity.
whu606
MVP
Accounts using this forum to test Vanilla's vulnerabilities will be deleted on sight.
The terms make it clear you should NOT be using live sites.
5
Comments
I find it slightly hilarious that people who even haven't figured out how to set up a test forum for their own think basic attacks will work (posting
<
h1> in the hopes html tags aren't filtered right? Really?).
I'd also like to remind people that although I'm not a lawyer, I'm pretty sure that exploiting vulnerabilities of sites is pretty illegal if you don't have permission (which they obviously have not for live sites), and completely unnecessary in the case of open source software.
You should see what they're doing to our "Free Trial" page for cloud. It's just ridiculous.
https://open.vanillaforums.com/activity/item/298169
they probably don't have an interest in setting up test forum. being good at one thing doesn't imply being good at another.
the link is pretty much a dead link or nothing informative in the link itself.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.