|
|
|
|
|
|
by borski
702 days ago
|
|
|
It depends on the vuln and the need. For example, an XSS won’t net you very much, unless the buyer already has a browser RCE but needs a way to deliver it to a target they know uses a particular service or browser, and for that they may need an XSS. Still won’t net you as much as an RCE, but they do get bought sometimes. |
|
|