Caffeine

Caffeine is a social broadcasting platform for gaming, entertainment, and the creative arts.

  • $150 – $5,000 per vulnerability
  • Up to $6,000 maximum reward

Caffeine -- New scope addition

Hey Everyone,

Great news! Caffeine has added https://payments.caffeine.tv/ to their program scope!

This is the API service the website, iOS application and Caffeine Broadcaster use to read and make payments, such as buying gold and sending items. This uses the x-credential HTTP header for auth, which uses JOSE.

They are interested to understand if there are any vulnerabilities associated with how their users send and receive payments; as well as any vulnerabilities associated with their configuration to Stripe.

Happy Hunting!
Steve @Bugcrowd

smurphy
smurphy