Jan 31, 2006
LiveJournal permanent accounts for XSS exploits
LiveJournal XSS Security Challenge at Slashdot
LiveJournal has launced an XSS Security Challenge which currently offers a free permanent account (like a paid account but does not have to be renewed, plus there are some other bonus features) to anyone who finds a Cross Site Scripting (XSS) security hole in the CVS code for the site. There’s also the possibility of additional rewards later on, once the Six Apart lawyers have decided on any rules for the challenge. If you know a reasonable amount about JavaScript, you could be in with a chance to not only fix a bug in software used by millions of people every day but also collect a bounty at the same time. What more could you ask for?
A better bounty?!
Heh, fair enough, although I think the last time permanent accounts were made available the cost was $200 so it’s not too bad a bounty.