Upwork

  • $120 – $5,000 per vulnerability
  • Up to $10,000 maximum reward
  • Partial safe harbor
  • Managed by Bugcrowd

Resource Update

The following links were updated on our target scope, please review and let us know if there is anything that you can find! As a friendly reminder, these targets carry our highest tier of rewards and have the focus areas outlined below.

Priority iOS, Android Web, Desktop, API
P1 $5,000 $2,000
P2 $2,000 $1,200
P3 $720 $480
P4 $300 $120

Android

  • android:debuggable=" true" in Android Manifest
  • android:allowBackup set to true (by default)
  • Information disclosure via Toast messages

iOS

  • Information leakage in backgrounding snapshots
  • Information leakage in keystroke caching