Upwork
- $120 – $5,000 per vulnerability
- Up to $10,000 maximum reward
Resource Update
The following links were updated on our target scope, please review and let us know if there is anything that you can find! As a friendly reminder, these targets carry our highest tier of rewards and have the focus areas outlined below.
| Priority | iOS, Android | Web, Desktop, API |
|---|---|---|
| P1 | $5,000 | $2,000 |
| P2 | $2,000 | $1,200 |
| P3 | $720 | $480 |
| P4 | $300 | $120 |
Android
- android:debuggable=" true" in Android Manifest
- android:allowBackup set to true (by default)
- Information disclosure via Toast messages
iOS
- Information leakage in backgrounding snapshots
- Information leakage in keystroke caching
Sarah_Bugcrowd