Ibotta
- $50 – $5,000 per vulnerability
Ibotta Adding Targets!
We hope your testing is going well. Here is an update that should make things a bit more interesting!
There have been some recent scope additions on the Ibotta program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:
| Name | URL | Description | Change |
|---|---|---|---|
| Chrome Extension Beta | Access Here | Here is a User Guide The Ibotta team is looking for testing that ensures the pop-up interaction with their other product areas (such as the next item or loyalty card linking) is secure and would like to know about any sensitive data exposure. | Added |
| Web v2 | Access Here | This is a refreshed web application for the Ibotta Team. Please note that there are some scope exclusions for this target: Access Token Exposure, the ability to scrape the site, and data flow to 3rd parties is intended and reports will be considered informational unless they are chained to create a larger vulnerability. | Added |
As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.
Get out there and lay claim to those bugs!
Sarah_Bugcrowd