Hacker News new | ask | show | jobs
by edm0nd 482 days ago
how much of a bounty was paid to Eva for this finding?
2 comments
richardboegli 482 days ago
> they were nice enough to compensate me for my efforts and were very nice in general.

They were compensated, but doesn't elaborate.

link
jsheard 482 days ago
Sounds like it was handled better than the authors last article where the Arc browser company initially didn't offer any bounty for a similar RCE, then awarded a paltry $2k after getting roasted, and finally bumped it up to $20k after getting roasted even more.
link
sphars 482 days ago
They later updated their post, at the bottom:

> for those wondering, in total i got 5k for this vuln, which i dont blame todesktop for because theyre a really small company

link
oriettaxx 482 days ago
50.000$ additional to the first 5.000$ :)

Woooowwww!

See latest line: "update: cursor (one of the affected customers) is giving me 50k USD for my efforts."

link
eviks 482 days ago
> for those wondering, in total i got 5k for this vuln
link
edm0nd 481 days ago
thanks for the update. that wasnt stated when the blog post first dropped.
link