Back to Recent Schemas

Schema Information

http://paste.openstack.org/raw/583680/

Download schema

Fields

Index Column Heading Required Unique Type Value Constraints Title/Description
1 affected_parameter Yes No String Maximum Length: 255
The request or form parameter that contains the payload or is otherwise responsible for the vulnerability.
2 affected_users Yes No String Maximum Length: 2500
The users affected by the vulnerability (typically 'admin' or 'user').
3 attack_string Yes No String Maximum Length: 10000
The payload used to trigger the vulnerability.
4 browser Yes No String Maximum Length: 2500
The specific browser affected by the vulnerability, if relevant.
5 bug_type Yes No String Pattern: \A(xss|csrf|sqli|clickjack|mobile_net|mobile_device|other)\z
The type of the bug, if blank will infer from title or proof_of_concept.
6 bug_url Yes No String Maximum Length: 2500
The URI where the vulnerability can be initiated.
7 comment Yes No String Maximum Length: 10000
Internal comment regarding the Submission.
8 extra_info Yes No String Maximum Length: 10000
Additional information provided by the researcher.
9 http_request Yes No String Maximum Length: 10000
The HTTP request that triggers the vulnerability.
10 method_of_finding Yes No String Maximum Length: 2500
How the researcher found the vulnerability.
11 priority Yes No Xsd Integer Maximum Value: 5
Minimum Value: 1
The priority of the vulnerability, 1 denoting the highest priority and 5 denoting a Won't fix.
12 proof_of_concept Yes No String Maximum Length: 10000
A proof of concept provided by the researcher.
13 researcher_email Yes No String Pattern: \[email protected]+..+\z
An email address for the researcher who submitted this issue. If provided, we will email the researcher and allow them to claim this submission on Bugcrowd using an account of their choice.
14 submitted_at Yes No DateTime
%d-%m-%Y %H:%M:%S
The UTC timestamp at which the submission was received, in the format 'dd-mm-yyyy H:M:s' (please note UTC, not local time).
15 substate Yes No String Pattern: \A(new|wont_fix|out_of_scope|not_applicable|not_reproducible|triaged|unresolved|resolved|duplicate)\z
The current status of the submission.
16 title Yes No String Minimum Length: 1
Maximum Length: 255
The title of the submission. If multiple CSV uploads are desired (e.g. to update data subsequently with another import) this field must not change.
17 tools_used Yes No String Maximum Length: 2500
The tools the researcher used to find the vulnerability.
Download Example CSV File