Of the reported vulnerabilities within the bug bounty and vulnerability disclosure programs on HackerOne's platform, XSS was the most reported type with 23 percent. XSS, also known as cross-site scripting, is typically found in web applications. A bug bounty program, also called a vulnerability reward program (VRP), is an initiative that rewards the discovery and reporting of software bugs.
Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020
Profit from the additional features of your individual account
Currently, you are using a shared account. To use individual functions (e.g., mark statistics as favourites, set
statistic alerts) please log in with your personal account.
If you are an admin, please authenticate by logging in again.
Learn more about how Statista can support your business.
HackerOne. (September 21, 2020). Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020 [Graph]. In Statista. Retrieved December 22, 2024, from https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/
HackerOne. "Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020." Chart. September 21, 2020. Statista. Accessed December 22, 2024. https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/
HackerOne. (2020). Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020. Statista. Statista Inc.. Accessed: December 22, 2024. https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/
HackerOne. "Leading 10 Reported Vulnerability Types within Bug Bounty Programs Worldwide in 2020." Statista, Statista Inc., 21 Sep 2020, https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/
HackerOne, Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020 Statista, https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/ (last visited December 22, 2024)
Leading 10 reported vulnerability types within bug bounty programs worldwide in 2020 [Graph], HackerOne, September 21, 2020. [Online]. Available: https://www.statista.com/statistics/1198849/worldwide-bug-bounty-program-vulnerability-type/