Yandex.Food has doubled the reward for finding vulnerabilities in the service. You can get money for identifying user data vulnerabilities, promo code fraud, Yandex Plus points cheat and fraud. This was reported to RB.RU in the press service of the service.
For cross-site application forgery detection, you can get from 15 thousand to 150 thousand rubles, for RCE vulnerabilities - from 440 thousand to 1.5 million rubles. The full list of vulnerabilities and bugs, as well as the amount of bounties can be found here.
The competition will run until August 31.
In April, an international court in Moscow fined the Yandex.Food service 60,000 rubles for leaking user data to the public. At the end of June, Yandex.Food users were able to delete information about their orders on the service. The company launched an option "to allow users to independently manage the data that Food stores"
Author:
karina pardaeva
Source: RB
I am Bret Jackson, a professional journalist and author for Gadget Onus, where I specialize in writing about the gaming industry. With over 6 years of experience in my field, I have built up an extensive portfolio that ranges from reviews to interviews with top figures within the industry. My work has been featured on various news sites, providing readers with insightful analysis regarding the current state of gaming culture.
