Origin Energy
- $50 – $2,500 per vulnerability
New Targets Added!
We hope your testing is going well. Here is an update that should make things a bit more interesting!
There have been some recent changes/updates to the Origin Energy program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:
In Scope Targets
- *.download.originenergy.com.au
- dataportal.originenergy.com.au
- *.origindigital-pac.com.au
- *.odcdn.com.au
- *.support.originenergy.com.au
- *.api.originenergy.com.au
API Targets
- https://api.rx.originenergy.com.au/v1/gateway/schema/graphql
- https://api.rx.originenergy.com.au/v1/gateway/schema/kraken/graphql
- https://api.rx.originenergy.com.au/v1/lpg/graphql
Out of Scope
- https://auth.api.originenergy.com.au/**
As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.
Get out there and lay claim to those bugs!
Tatia