https://www.openbugbounty.org/incidents/203915/
"On the 07.01.2017 security researcher rj01 reported a XSS vulnerability affecting the eccie.net website via the Open Bug Bounty vulnerability disclosure program. We verified the vulnerability and confirmed its existence.
Technical details of the vulnerability are currently hidden ("On Hold") to give website owner time to patch the vulnerability without putting any of its users at risk.
If you are the website owner, administrator or authorized third-party, please contact the researcher directly for vulnerability details and coordinated disclosure.
Important: we never act as intermediary between you and the researcher. It's completely up to you to decide if, and how, to thank the researcher. In some cases a 'thank you' email is enough, in others something more remarkable would be good to recognize his, or her, efforts and time. A recommendation may be a good idea."
More info on this please?