Yahoo Bug Bounty Policy changes: Increases Bug Bounty Reward to $15,000


 

As we know that the Bug Bounty Programs are organised by Corporate Sector companies for better security. And about the Yahoo! it organize this program in October 31 in which it offers only $12.50 Bug Bounty Reward per Bug found. This is too cheap to attract the Security Researchers .

Now yahoo! quickly change its policy after being ridiculed for handling only $12.50. They increases the Reward Money as high as $15,000 per Bug found.

According to Yahoo! – :

The New Program will offer an improved reporting process,quicker validation and good interface to submit the Bug. 

Researchers reward money starts from $150 and goes up from here  for Bug Reporting.

According to Remses -:

The Amount will determined by a clear system based on a set of defined elements that capture the severity of the issue.

For comparison of the reward from Microsoft goes as high as $100 and Google $20,000 goes up as Bug Research.

In September Research from High-Tech Bridge found a XSS Vulnerabilities.The Security Team notifies Yahoo! of four XSS issues, which affect the marketingsolutions.yahoo.com domain, ecom.yahoo.com and adserver.yahoo.com domains.

Each security vulnerability on yahoo.com allow the email account to be compromised by sending a specially created link to a logged in yahoo user and making them click on it.

According to High-Tech Bridge -:

Two of the flows accepted as new, and the CSS (Cross-Site-Scripting) Vulnerability were worth a $12.50  reward each, given as discount code ”

Read Last news : 

Yahoo! : Security Research Bug Bounty worth $12.50

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s