InVision

The world's leading prototyping, collaboration & workflow platform

  • $25 – $2,500 per vulnerability
  • Up to $5,000 maximum reward
  • Partial safe harbor
Submit report

Program stats

  • Vulnerabilities rewarded 191
  • Validation within 3 days 75% of submissions are accepted or rejected within 3 days
  • Average payout $300 within the last 3 months

Latest hall of famers

View all 363

Recently joined this program

1265 total

Disclosure

Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

We appreciate all security concerns brought forth and are constantly striving to keep on top of the latest threats. Being proactive rather than reactive to emerging security issues is a fundamental belief at InVision. Every day new security issues and attack vectors are created. InVision strives to keep abreast of the latest state-of-the-art security developments by working with security researchers and companies. We appreciate the community's efforts in creating a more secure world!

We update the application as often as weekly, so please check back for new functionality!

Review our Release Notes for more information but please note this may not be comprehensive of all changes that impact your research as it is written for customers.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

This bounty requires explicit permission to disclose the results of a submission.