Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
tbs-sct
15
In Scope
3
Out of Scope
In-Scope Assets (15)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.cds-snc.ca | WILDCARD | No | ||
| *.cdssandbox.xyz | WILDCARD | No | ||
| *.digital.canada.ca | WILDCARD | No | ||
| *.notification.canada.ca | WILDCARD | No | ||
| *.numerique.canada.ca | WILDCARD | No | ||
| api.signin-connexion.canada.ca | URL | No | ||
| app.signin-connexion.canada.ca | URL | No | ||
| articles.alpha.canada.ca | URL | No | ||
| auth.signin-connexion.canada.ca | URL | No | ||
| delivrance-verification.alpha.canada.ca | URL | No | ||
| design-system.alpha.canada.ca | URL | No | ||
| forms-formulaires.alpha.canada.ca | URL | No | ||
| gciv-dvgc.alpha.canada.ca | URL | No | ||
| issue-verify.alpha.canada.ca | URL | No | ||
| talent.canada.ca | URL | No |
Out-of-Scope Assets (3)
| Asset | Category | Bounty | |
|---|---|---|---|
| All other assets | OTHER | No | |
| blawx.cdssandbox.xyz | URL | No | |
| strapi.cdssandbox.xyz | URL | No |