Report #32739

Spoofing (Content Injection)

Immunefi Response

Unfortunately, after reviewing your report, Immunefi has decided to close it due to the assessed impact being out of scope.

Immunefi review:

• The claimed impact Persistent content spoofing / text injection issues by the whitehat is of the bug bounty program but the assessed impact doesn't match with the claimed impact for the following reasons.
• The text injection is not persistent and requires social engineering attack to convince the victim.
• assessed asset by the triage team is in scope for the bug bounty program
• PoC has been submitted to the project

Please note that the project will receive a report of the closed submission and may choose to re-open it, but they are not obligated to do so.