Capcut Bug Bounty [ Full ]

I’ve been fuzzing the CapCut web editor (capcut.com) and found what looks like a potential IDOR on project draft IDs. Before I go further, I want to make sure I'm following responsible disclosure.

We know the parent company (ByteDance) runs bounty programs for TikTok. But what about CapCut? capcut bug bounty

Does CapCut Need a Public Bug Bounty Program? I’ve been fuzzing the CapCut web editor (capcut

I've found: 🔹 Auth bypass in the web editor 🔹 Insecure direct object references (IDOR) in project files 🔹 Rate-limiting gaps on the mobile API capcut bug bounty

Has anyone seen a formal #BugBounty program?

Drop links below. ⬇️

Before I disclose: Is there a private HackerOne/third-party program, or are we going straight to VDP? 👀

error: Content is protected !!