New Target added - Gestor de Pedidos (WEB ONLY) - Announcements - iFood: Bug Bounty Program

$150 – $2,500 per vulnerability
Up to $2,600 maximum reward
Safe harbor

We hope your testing is going well. Here is an update that should make things a bit more interesting!

There have been some recent changes/updates on the iFood: Bug Bounty Program program.

We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:

Name	URL	Description	Change
Gestor de Pedidos	https://gestordepedidos.ifood.com.br	Web Only	Added

Please be aware that the Desktop Client is out of scope!

As always, please see the program brief for the full details around testing. If you have any questions, please visit Bugcrowd Support and create a support ticket.

Get out there and lay claim to those bugs!