#Cybersecurity #BugBounty #CapCut #ResponsibleDisclosure #AppSec
Before I disclose: Is there a private HackerOne/third-party program, or are we going straight to VDP? 👀 capcut bug bounty
: Protecting user media, biometric data, and personal information. capcut bug bounty
The official platform where researchers can report vulnerabilities across all ByteDance products, including CapCut and TikTok. capcut bug bounty
I've found: 🔹 Auth bypass in the web editor 🔹 Insecure direct object references (IDOR) in project files 🔹 Rate-limiting gaps on the mobile API