bugs

Ender [1]
Administrator
rank 9
2015-08-16 23:48:40
[2 years, 122 days ago]

If you discover a bug that can do any of the following:

  • Access information that you shouldn't be able to access (e.g. read someone else's bmail, determine the email address associated with an account, etc.).
  • Do something in-game you shouldn't be able to do (e.g. duplicate an item, automatically fill up on kudos, etc.)
  • Perform any sort of action that would have bad consequences were it to become general knowledge (e.g. use up 1GB of server disk space with every request, etc.).

Then please contact me directly instead of creating a public forum thread. If you're not sure, contact me directly anyway. Worst case scenario, I'll just tell you it's okay to post publicly and will direct you back to this subforum.

Thanks in advance! For truly critical game and security issues, I will reward players with stars and special trophies depending on the severity of the bug discovered. Note that not disclosing responsibly (i.e. privately) forfeits your reward.


 
Ender [1]
Administrator
rank 9
2017-11-18 16:50:15
[27 days ago]

Congrats to dorkerdevil for earning 10 stars by reporting a reflected XSS vulnerability on the registration page!


 
Ender [1]
Administrator
rank 9
2017-11-18 20:28:46
[27 days ago]

Oh also, about a year ago an anonymous player was awarded 3 stars for reporting a bug that allowed clans to evade taxes.

(I'm going to start listing awards given out in this thread as motivation/examples.)