Asana - $25,000 Special Incentive For The log4j Vulnerability - Announcements - Asana

$300 – $6,500 per vulnerability
Partial safe harbor

In light of the Log4j Vulnerability, CVE-2021-44228 Asana is now offering a massive $25,000 bonuses if a researcher can demonstrate that Asana is vulnerable to this bug starting as of December 14, 2021.

As always, please view the the brief before testing.

Below are the bonus details:

Note, bonuses are subject to change. If you have any questions, please reach out to support@bugcrowd.com.