Pinterest Launches Bug Bounty Program
Pinterest Launches Bug Bounty Program, Bug bounty program, vulnerability on Pinterest, Pinterest security issue, report vulnerability to Pinterest , security updates on Pinterest , Pinterest bounty program, Pinterest reward, bug hunting, security experts
In effort to make the social media website bug free the company has now launched an official bug bounty program, and updated its responsible disclosure statement.
According to the bounty program policy, Pinterest is now only giving Hall-of-Fame to the researcher and some reports are also eligible for “swag” (i.e., a shirt).
Regarding the bounty policy, Moreno has also says-
"As we gather feedback from the community, we have plans to turn the bug bounty into a paid program, so we can reward experts for their efforts with cash."Means in future Pinterest can pay to the researcher for their vulnerability reports.
The bounty program is valid for the main website (www.pinterest.com) along with the following subdomains: api.pinterest.com, about.pinterest.com, business.pinterest.com, blog.pinterest.com, help.pinterest.com, developers.pinterest.com and engineering.pinterest.com.
Researcher can report the vulnerability via Bugcrowd to be eligible for the reward. Pinterest asked the researcher to give a reasonable amount of time to come up with a fix before making any information public, and avoid unauthorized data access and service disruption while conducting tests.