Great news! We are launching a bounty promotion specially for Tencent Online Video assets, where you can earn up to 4X the usual bounty amounts!!
Promotion Duration: Starting from August 9th (02:00 UTC) to August 20th (09:00 UTC)
Critical Severity Vulnerabilities: 4X bounty multiplier
High Severity Vulnerabilities: 2X bounty multiplier
The standard Tencent bounty structure can be found here and bounty multipliers will be calculated based on the standard amounts offered: https://en.security.tencent.com/index.php/policy
1) Tencent Video assets:
2) Tencent Weishi Video assets:
Accessing the assets:
1) Download WeTV, the international version of Tencent Video, on the Apple App Store or Google Play Store.
2) Download Tencent Video here: https://v.qq.com/biu/download
Please note that Tencent Video Android Extreme Edition and iPhone Extreme Edition are not included in the promotion scope.
3) Download weishi here: https://weishi.qq.com/
1) Submission of reports: Please include the title “Securing Tencent Online Video” in the subject of your vulnerability report during submissions
2) Please note that all Client-side vulnerabilities surfaced will need to be reproduced using the application’s latest version based on the provided links/app stores.
3) However, server-side vulnerabilities are not required to be reproduced in the latest version of the applications.
Please note that the usual policy rules and assessment guidelines will apply for this promotion. Kindly ensure that you review the Tencent Policy Page to familiarise yourself.
You are to submit your reports to TSRC directly via https://en.security.tencent.com/index.php/report/add
Good luck and we look forward to working with you to enhance our security!
We look forward to receiving your reports and working with you to enhance our security! All the best!