We are offering a place in our Hall of Fame on an ongoing basis for those penetration testers, who’ll find valid vulnerabilities, subject to the rules and terms of participation. If you discovered a vulnerability in Pushwoosh application, services or infrastructure, please don’t share it publicly. Send any problems to us via Contact Us __form on our website. We’ll ping you back as soon as we can with a confirmation and endless kudos.
We 're trying to respond as fast as we can, but It may take us up to 14 days to process a new report.
Only original, previously unreported bugs will be taken into account. Please submit one issue per ticket.
What should be included in your report:
Would be highly appreciated:
You must use the
pentester_anyCharacters@any.domain email alias when signing up for
pushwoosh.com __accounts that will be used to
participate in this bounty.
Accounts not following this rules will be suspended without warning.
The target host for this bounty is:
The following will not qualify for the program:
pushwoosh.com and docs.pushwoosh.com and community.pushwoosh.com are specifically excluded from this bounty.
In the best interest of our customers and Internet users worldwide, we ask that you follow the guidelines of responsible disclosure:
Pushwoosh greatly appreciates the efforts of those security researchers who identify vulnerabilities and work with us to ensure that we can develop a fix and issue it to all our users. We thank you for going out of your way to help us minimize the risk to our users as well as help us in our vision to improve the overall security of our products.