Upwork
- $120 – $5,000 per vulnerability
- Up to $10,000 maximum reward
Reward Increases for Web, Desktop, and API targets
Thank you for your participation on the Upwork program, in order to better compensate you for your research on our Web, Desktop, and API targets we have increased the rewards for P1's and P2's as of April 22, 2021!
| Priority | New Reward Range | Previous Reward Range |
|---|---|---|
| P1 | $5,000 | $2,000 |
| P2 | $2,000 | $1,200 |
| P3 | same | $480 |
| P4 | same | $120 |
For full details, please review the program brief, highlights for these targets include:
Resources
- Upwork Developers
- Sign up for Upwork API
- How do I get started as a client?
- Getting Started as a Freelancer
Testing Tips
- Please sign up for an Upwork account and Upwork API using your
@bugcrowdninja.comemail address. Only basic/free access is provided by the Upwork team for this program, you are welcome to test the API using a paid account, but these are not offered at this time. - When testing please only test against jobs that you have created - do not test against jobs owned by persons other than yourself
- Worth noting, Upwork is designed to help people find jobs and posting/viewing resumes and other PII is a core component of the service. While you may submit findings, it must have a clear threat or business impact for Upwork; otherwise, it is likely to be marked as won't fix or informational.
Happy Hunting!
Sarah_Bugcrowd