This morning, I received a notification from OpenBugBounty.org that an XSS vulnerability had been found on ChrisHammond.com. The email included a link to a bug bounty report but lacked specific details about the issue.

I quickly set up an account on OpenBugBounty.org and attempted to claim the domain to gain more information. Upon successfully doing so, I was provided with the display name of the researcher who reported the issue. I reached out to them via email, albeit cautiously, as I was unsure if it might be a phishing attempt.

With all the security updates and issues with the best CMS for .NET lately, you should have performed a few version upgrades in recent weeks. If you haven’t, shame on you, get to it!