Upwork adding a CTF Reward
Upwork has decided to incorporate a high-impact reward for a certain type of finding.
In addition to the regular rewards for this program, Upwork is also offering a one-time $5,000 reward for the ability to break into any of the specified client or freelancer accounts, and steal the funds allocated to it. The account are: email@example.com and firstname.lastname@example.org.
- Please provide complete reproduction steps for how you were able to capture the flag
- Bruteforcing credentials to break in is still out of scope as per the regular scoping rules.
Please review the brief for full details and happy hunting!