Upwork
- $120 – $5,000 per vulnerability
- Up to $10,000 maximum reward
New Target added for Upwork
We hope your testing is going well. Here is an update that should make things a bit more interesting!
There have been some recent updates on the Upwork program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:
Name | URL | Description | Change |
---|---|---|---|
GraphQL API | api.upwork.com/graphql | API endpoint that was previously out of scope | Added |
As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.
Get out there and lay claim to those bugs!