Capcut Bug Bounty Exclusive -

I’ve been fuzzing the CapCut web editor (capcut.com) and found what looks like a potential IDOR on project draft IDs. Before I go further, I want to make sure I'm following responsible disclosure.

With millions of creators storing drafts & data on ByteDance servers, the attack surface is MASSIVE.

Has anyone seen a formal #BugBounty program? capcut bug bounty

Before I disclose: Is there a private HackerOne/third-party program, or are we going straight to VDP? 👀

Drop links below. ⬇️

Does CapCut Need a Public Bug Bounty Program?

If ByteDance is listening: A clear rewards framework for CapCut would attract top talent before attackers find the low-hanging fruit. 🍍 I’ve been fuzzing the CapCut web editor (capcut

🚨 🚨