• $120 – $5,000 per vulnerability
  • Up to $10,000 maximum reward

api.upwork.com/graphql is now out of Scope

Effective July 1st, https://api.upwork.com/graphql is now out of scope. This is due to engineering efforts around GraphQL, We are asking everyone if they have any pending submissions for this API endpoint, please submit them by July 1st, 2022.

Please re-review the bounty brief in detail and adjust your testing, and all scanners accordingly to make sure you are only testing and submitting in-scope bugs.

Any pending submissions submitted before the out of scope changes will be reviewed and processed accordingly.

We want to thank you all for a continued support and looking forward to your submissions.

If you have any questions on the change in the scope, please reach out to support@bugcrowd.com.