Indian discovers multiples XSS and CSRF bugs in eBay Magento eCommerce web application, gets awarded $11,171 as bug bounty

0
Atulkumar Shedage, a web application security researcher from India has found out multiple bugs in the  Ebay Magento eCommerce website. Atul Shedage  who is the member of Bugcrowd community has won 1st prize for finding the bugs and a bounty of $11,171.00 for his discoveries.
Indian discovers a bug in Ebay Magento eCommerce web application, gets awarded $11,171 as bug bounty
Atul who is already a certified bug tracker for Bugcrowd has already been acknowledged by mega tech companies like Google, Apple, etsy, Facebook,Github etc.  Bugcrowd ranks him 14th in their list of bug trackers with 179 points.  As per Bugcrowd, Atul has already 50 bug discoveries. 

Regarding the bug discovery in Ebay Magento e-Commerce web application, Atul has made five bug discoveries.  All the bugs are related to the xss (cross scripting) and CSRF scripts which can allow a potential hacker/attacker to remotely access the eBay Magento e-Commerce web application.  The bounty has been announced officially only yesterday, so the details regarding the bugs found by Atul are sketchy. eBay has already acknowledged the bugs, the image of which is reproduced below.
Indian discovers a bug in Ebay Magento eCommerce web application, gets awarded $11,171 as bug bounty
Atul is member of the Bugcrowd which is a brainchild of two entrepreneurs and former security consultants, Casey Ellis and chris raethke.  Bugcrowd allows security researchers, ethical hackers, white hat hackers and bug trackers to collaborate and channelise their love for bugs and hacking in a positive way. Ellis and Belokamen founded Bugcrowd two years back and has since grown manifold. 
It combines crowdsourcing with information security, providing businesses with a crowd of well-intending hackers to discover vulnerabilities before more malicious types do, whereby benefiting both the companies and the hackers in a meaningful way.

LEAVE A REPLY

Please enter your comment!
Please enter your name here