JumpCrisscross 10 months ago


> $2,000 is a tiny fraction of what this bug is worth

The Browser Company raised $50mm at a $550mm post-money valuation in March [1]. They’ve raised $125mm altogether.

Unless they’re absolute asshats, they’ll increase the bug payout. But people act truly when they don’t think they’re being watched—a vulnerability of this magnitude was worth $2k to this company. That’s…eyebrow raising.

[1] https://techcrunch.com/2024/03/21/the-browser-company-raises...

shuckles 10 months ago

"We will let anyone run arbitrary JavaScript on all your web pages if you send them a referral link" is surely a 6-7 figure vulnerability for a web browser. That this vulnerability was discoverable using about two steps of analysis tools suggests many more issues are in the product.

  • rafram 10 months ago

    Not just that - seems like it allowed running privileged JavaScript (full access to your system) on the preferences page as well.

    • voiceblue 10 months ago

      It is very strange to me that their attitude is "no one was impacted" and this is "hypothetical". Any serious company would immediately consider this to be a case where everyone was impacted! This is like coming home to the worst neighborhood on the planet to find your door wide open, and immediately putting on a blindfold so you can continue to pretend nothing's changed.

      • DecoySalamander 10 months ago

        Since everything is stored in their DB, they supposedly can audit logs and sources for boosts themselves to confirm if anyone was actually impacted.

behringer 10 months ago

It doesn't matter what the bug bounty pays. If it was 200k people would say it's not enough.