GitHub announced a Bug Bounty Program with Reward up to $5,000
GitHub announced a Bug Bounty Program with Reward up to $5,000, GitHub bug bounty, Bug bounty reward, report the vulnerability of GitHub, hacker get reward from GitHub, hacking GitHub, GitHub disclose program
GitHub, has also launched a bug bounty program. Researcher who finds the responsibly disclose vulnerability will get a reward of $5,000. Minimum reward is $100 for any vulnerability report. With the same of other bounty policy, reports of the vulnerability must be unique (Not reported earlier by any researcher).
GitHub explain the bug bounty in the blog post that, all the GitHub application are not included on the bug bounty reward. but in case if researcher found any security loop holes and report it, then also researcher might still get a monetary reward for it, depending on the severity of the vulnerability. At this time the GitHub API, Gist, and the main website, GitHub.com, are included in the bounty program.
According to the GitHub bug bounty policy, anyone can report the vulnerability to the GitHub security team. Even young expert age between 13 to 18 can also take part in the bounty reward program.
GitHub asked researcher to give 24 hours to response to the particular vulnerability reports.
Cross Site Scripting (XSS) vulnerability is also accepted but it will not qualify for reward. Until and unless it impact legacy browsers and plugins, or if too much user interaction is needed to trigger them.
You all can check the details of the bug bounty programs of GitHub on its GitHub Bug Bounty site.