You are hacking on: pixiv

Powered by:

Allows bounty splitting:

Average time to first program response: 11

Average time to bounty awarded null: 199

Average time to report resolved:

Handle pixiv

Managed program: true

Name: pixiv

Offers bounties: true

Offers swag: false

Response efficiency percentage: 100

Submission state: open

Url: https://hackerone.com/pixiv

Website: https://www.pixiv.net

In scope:

Asset identifier: *.fanbox.cc

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: * This site uses pixiv account (signup at https://accounts.pixiv.net).

Integrity requirements: high

Max severity: critical

Asset identifier: accounts.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: * Signin / signup site for many pixiv products (`*.pixiv.net`, `*.booth.pm`, etc).

Integrity requirements: high

Max severity: critical

Asset identifier: booth.pm

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: * This site uses pixiv account (signup at https://accounts.pixiv.net). * PC: https://booth.pm * iOS: https://itunes.apple.com/app/apple-store/id927366361 * Android: https://play.google.com/store/apps/details?id=jp.pxv.android.booth

Integrity requirements: high

Max severity: critical

Asset identifier: comic.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: This site is in Japanese. This site uses pixiv account (signup at https://accounts.pixiv.net). - Web: https://comic.pixiv.net - iOS : https://apps.apple.com/jp/app/pixiv%E3%82%B3%E3%83%9F%E3%83%83%E3%82%AF/id975414811 - Android: https://play.google.com/store/apps/details?id=jp.pxv.android.manga

Integrity requirements: high

Max severity: critical

Asset identifier: dic.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: high

Max severity: critical

Asset identifier: https://github.com/pixiv/charcoal

Asset type: SOURCE_CODE

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: charcoal (https://github.com/pixiv/charcoal) is a set of libraries used as a design system and maintained by pixiv. In scope - Vulnerabilities caused by the libraries included in charcoal - Supply chain vulnerabilities related to the dependencies of charcoal libraries Out of scope - Vulnerabilities of sites using any of the charcoal libraries (including services by pixiv inc)

Integrity requirements: high

Max severity: critical

Asset identifier: hub.vroid.com

Asset type: URL

Availability requirement: high

Confidentiality requirement: low

Eligible for bounty: true

Eligible for submissions: true

Instruction: * This site uses pixiv account (signup at https://accounts.pixiv.net). * This is a site where users share their 3D characters in [VRM file format](https://vrm.dev/en/). * When testing with VRM, please use characters provided by [our official account](https://hub.vroid.com/users/36144806). * Go to a character -> click "Use this model" -> click "Download". * Please avoid interactions / exposure to other users to the best of you ability.

Integrity requirements: medium

Max severity: critical

Asset identifier: neoket.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: high

Max severity: critical

Asset identifier: novel.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: This site is in Japanese. This site uses pixiv account (signup at https://accounts.pixiv.net). - Web: https://novel.pixiv.net

Integrity requirements: high

Max severity: critical

Asset identifier: payment.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: high

Max severity: critical

Asset identifier: sensei.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: high

Max severity: critical

Asset identifier: sketch.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: * This site is in Japanese. * This site uses pixiv account (signup at https://accounts.pixiv.net). * PC: https://sketch.pixiv.net/ * iOS: https://itunes.apple.com/app/pixiv-sketch/id991334925 * Android: https://play.google.com/store/apps/details?id=jp.pxv.android.sketch

Integrity requirements: high

Max severity: critical

Asset identifier: vroid.com

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction:

Integrity requirements: high

Max severity: critical

Asset identifier: www.pixiv.net

Asset type: URL

Availability requirement: high

Confidentiality requirement: high

Eligible for bounty: true

Eligible for submissions: true

Instruction: * The core pixiv. * Signup at https://accounts.pixiv.net * PC: https://www.pixiv.net/ * iOS: https://itunes.apple.com/app/pixiv/id337248563 * Android: https://play.google.com/store/apps/details?id=jp.pxv.android

Integrity requirements: high

Max severity: critical