Ibotta
- $50 – $5,000 per vulnerability
Updates to Scope & First-to-Find Bonus
We have some updates & Bonus opportunities for Ibotta:
Mobile & API Target - Ibotta App Data & Memory
Researchers are welcome to attempt Reverse Engineering or Decompiling the mobile applications to review the source code.
Focus areas include:
- Sensitive Data Exposure (credentials)
- Vulnerable Functions
- Bad Cryptography
- Code Tampering
The first researcher to submit a valid & unique vulnerability will receive an additional $500 bonus
Web Targets - Web V2
This is a refreshed web application by the Ibotta team.
Focus areas include:
- Client Code Quality
- Extraneous Functionality
- Improper Platform Usage
The first researcher to submit a valid & unique vulnerability will receive an additional $250 bonus
As always, please be sure to review the program brief in detail, and if you have any questions, please reach out support@bugcrowd.com.
Happy Hunting!
Sarah_Bugcrowd