This page contains additional information about general topics that do not fit to the other categories and will be extended from time to time.
Purchases in test cycles
If a test instructs you not to complete any purchases/orders, this means, also no such attempt should be made. This also includes cases in which the final order form is sent with missing mandatory fields or in which an external payment provider is triggered afterwards (even if this provider allows cancelling the transaction).
We do not consider it a bug if an app keeps “endlessly” loading without any error message but doesn’t crash. This is most likely connected to connection issues and hard to fix for the developer.
XSS vulnerabilities are often a general problem and not restricted to a single form field. Consequently, it is sufficient to inform a site owner about the general problem by providing one example, i.e. we won’t accept more than one XSS bug per test cycle.
Please note that the fact that an issue has been accepted in the past (either by the team leader or by the client) cannot guarantee that the same issue will be accepted in all future cycles. Of course, our aim is to evaluate all errors in a comparable way, but it cannot be completely ruled out that something has been overlooked in the past or that new information has been added in the meantime.