• $120 – $5,000 per vulnerability
  • Up to $10,000 maximum reward

GraphQL Endpoint Now In Scope

We hope your testing is going well. Here is an update that should make things a bit more interesting!Upwork is interested in seeing if the Crowd can beat up their GraphQL Endpoint! You can access the enpoint at https://api.upwork.com/graphql As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.

Get out there and lay claim to those bugs!