Bugcrowd published a comprehensive report explaining the current state of the growing bug bounty market. High-Tech Bridge released a web security trends report for the first half of 2016. Nearly 80 percent of all websites are vulnerable to XSS, says WhiteHat Security. Meanwhile, the Open Bug Bounty community helped website owners fix almost 25,000 XSS vulnerabilities. The average bug payout in the first quarter of 2016 was $505.79. Overpriced XSS and CSRF (XSS) vulnerabilities dominate bug bounty submissions.”]