|
|
|
|
|
|
by sensitivefrost
1460 days ago
|
|
|
Yes? That's how bug bounties work. Companies that care about their security pay for bugs. Those that don't, don't. Sony care, but $20k for this chain of bugs is pretty poor, especially when they offer up to $50k (for criticals). I'm curious why Sony think this is a High severity and not Critical. EDIT: looks like it's not critical because of this https://twitter.com/theflow0/status/1535424299397369856 In which case, 20k still feels low, but not as unfair. |
|
|