You are hacking on: Netlify

Powered by:

Allows bounty splitting:

Average time to first program response: 14

Average time to bounty awarded null: 424

Average time to report resolved: 1975

Handle netlify

Managed program: true

Name: Netlify

Offers bounties: true

Offers swag: true

Response efficiency percentage: 98

Submission state: open

Url: https://hackerone.com/netlify

Website: https://www.netlify.com

In scope:

Asset identifier: *.infra-prod.nsvcs.net

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements:

Max severity: critical

Asset identifier: *.onegraph.com

Asset type: URL

Availability requirement: low

Confidentiality requirement: medium

Eligible for bounty: true

Eligible for submissions: true

Instruction: As of December 28, 2022 this feature is no longer available for Netlify users who have not yet enabled it. See https://docs.netlify.com/netlify-labs/experimental-features/netlify-graph/get-started/.

Integrity requirements: low

Max severity: high

Asset identifier: *.ops.netlify.com

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements:

Max severity: critical

Asset identifier: *.services-prod.nsvcs.net

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements:

Max severity: critical

Asset identifier: *.services.netlify.com

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements:

Max severity: critical

Asset identifier: api.netlify.com

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: `netlify api --list` after installing the CLI: https://docs.netlify.com/cli/get-started/. See also https://open-api.netlify.com/.

Integrity requirements: high

Max severity: critical

Asset identifier: app.netlify.com

Asset type: URL

Availability requirement: low

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: See https://docs.netlify.com/get-started/. Also `netlify init` after installing the CLI: https://docs.netlify.com/cli/get-started/.

Integrity requirements: high

Max severity: critical

Asset identifier: internal-docs.netlify.com

Asset type: URL

Availability requirement: none

Confidentiality requirement: low

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: low

Max severity: medium

Asset identifier: internal.netlify.com

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements:

Max severity: critical

Asset identifier: list-v2--netlify-plugins.netlify.app

Asset type: URL

Availability requirement: none

Confidentiality requirement: low

Eligible for bounty: true

Eligible for submissions: true

Instruction: Powers templates offered by app.netlify.com. See: https://www.netlify.com/integrations/templates/.

Integrity requirements: low

Max severity: medium

Asset identifier: netlify-cdp-loader.netlify.app

Asset type: URL

Availability requirement:

Confidentiality requirement:

Eligible for bounty: true

Eligible for submissions: true

Instruction: Powers this feature: https://docs.netlify.com/site-deploys/deploy-previews/#collaborative-deploy-previews.

Integrity requirements:

Max severity: critical

Asset identifier: netlify-rum.netlify.app

Asset type: URL

Availability requirement: none

Confidentiality requirement: low

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: low

Max severity: medium

Asset identifier: screenshot-proxy.netlify.app

Asset type: URL

Availability requirement: none

Confidentiality requirement: low

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: low

Max severity: medium

Asset identifier: www.netlifycms.org

Asset type: URL

Availability requirement: none

Confidentiality requirement: none

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: low

Max severity: low