From Security Week:
United Airlines Offers Air Miles in New Bug Bounty Program
United Airlines has announced the launch of a bug bounty program, offering independent researchers who identify security holes in the company’s online services the chance to earn air miles.
The list of vulnerabilities eligible for a reward includes authentication bypass, information disclosure, cross-site scripting (XSS), cross-site request forgery (CSRF), remote code execution, timing attacks exposing the existence of a user, reservation or repository, and the ability to conduct brute-force attacks on PINs, passwords, MileagePlus numbers, and reservations.
No comments:
Post a Comment