Report Date
September 25, 2023
Status
Closed
Payout
Link to Analytics is broke
‣
Report ID
#24379
Report type
Websites and Applications
Has PoC?
Yes
Target
Impacts
- Redirecting users to malicious websites
- Broken Link (Out of scope)
Bug Description
There is a bug on the analytics page, where link to view the historical analytics is broken
Impact
Low impact
Risk Breakdown
Difficulty to Exploit: Easy Weakness: CVSS2 Score:
Recommendation
Fix the link with working link
Proof of concept
Steps to reproduce -
- Visit this page - https://app.bean.money/#/analytics
- Click on 'Learn more -> ' hyperlink
- Observe the link is broken and the page not open
Immunefi Response
Immunefi has reviewed this vulnerability report and decided to close since being out of scope for Beanstalk bug bounty program.
- claimed impact by the whitehat is in scope for the bug bounty program
- claimed asset by the whitehat is in scope for the bug bounty program
- claimed severity
is not in scope
for the bug bounty programSince this bug bounty program does not require Immunefi's triaging, note that Immunefi does not:
- check if whitehat's claims are factually correct
- check PoC to understand the validity
- assess the submission's severity
These activities are the project's responsibility.
The project will now be automatically subscribed and receive a report of the closed submission and can evaluate if they are interested in re-opening it. However, note that they are not under any obligation to do so.