July 26, 2019

Status Update

The bug bounty program has been renewed for another year.

We have processed a total of 67 submissions so far, with 9 of them being eligible for a payout. The following vulnerabilities have been fixed and hence can be listed.

Stakepool user session not expiring on password change
Stakepool user define link in error page
Stakepool user session not expiring on logout

Decred Developers