Thank you for the replies! I agree no structure is perfect. I have my own priority system and adjust it on impact as well. I was hoping that was the same with bugcrowd. Impact sure makes a difference. Yes, a lot of us start off going off the top ten, but there are so many more bugs then that. If anyone went to defcon or read about it, you’ll know the top ten doesn’t even cut through the surface of bugs. Of course, it has it’s place. I am on a off-topic rant. So, back to the priority system. I think it makes sense to have it as a default p3 after your reply. I mean, okay you can get the database structure. Can you use that information to exploit anything? No, but someone else may find something you didn’t and tie it together… so I guess that’s why it’s a p3 and not a p4. Thanks @kymberlee!
1 Like