submit bug report: https://security.alibaba.com/en/Policy
If you believe you have found a vulnerability within an asset relating to AliExpress, please submit it via the Alibaba Vulnerability Disclosure Program.
However, If your report has been triaged and validated then you are able to submit a copy of your report to ASRC in order to receive a bounty. Our ASRC site also provides a hall of fame. Please add the prefix [h1-report_id] to the report title when report on ASRC, so that we will know it's from HackerOne. For example: [h1-40111111]Alibaba Reflected XSS on xxx.com.
