- $150 – $2,000 per vulnerability
- Up to $5,000 maximum reward
Quizlet is the world's largest student and teacher online learning community. Every month, over 30 million active learnings from 130 countries practice and master more than 200 million study sets of content on every conceivable subject and topic.
Our mission is simple: To help students (and their teachers) practice and master whatever they are learning. Quizlet provides engaging, customizable activities with contributions from people everywhere.
Quizlet invites you to test and help secure our primary publicly facing assets - focusing on our web, mobile, and api applications. We appreciate your efforts and hard work in making the internet (and Quizlet) more secure, and look forward to working with the researcher community to create a meaningful and successful bug bounty program. Good luck and happy hunting!
For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email firstname.lastname@example.org. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.