Redox

  • $125 – $3,000 per vulnerability
  • Up to $3,500 maximum reward
  • Safe harbor
  • Managed by Bugcrowd

Mass Assignment findings added to 10% Bonus

Hello Researchers,

As you may have seen, OWASP published their top 10 for APIs! Link Since our technology is API based, we are aligning our bonuses around them. We believe that one of the top threats to our organization's PHI is Mass Assignment vulnerabilities and as such are adding it into our targeted bonuses to encourage you to help us find them!

10% bonus on Mass Assignment Submissions will run from 8/12/2020 to 9/12/2020


Additional Brief Updates:

In light of a number of duplicate reports we are clarifying our scope, the following submission types will be OOS moving forward

  • Email HTML injection
  • DMARC record missing

Thanks for your attention and Happy Hunting!