Body of the Report:
- Vulnerability Name: A brief title for the bug.
- Target: The specific URL, App Version, or API endpoint affected.
- Severity: (Low / Medium / High / Critical) based on the impact.
- Steps to Reproduce: A clear 1-2-3 list of how to trigger the bug.
- Proof of Concept (PoC): Screenshots or a video link showing the exploit (do not share this publicly).
- Impact: Explain what an attacker could do (e.g., “Access other users’ portfolios”).