Banner object (1)

Hack and Take the Cash !

751 bounties in database
29/06/2014
jsDelivr logo

jsDelivr

jsDelivr is used by thousands of websites around the world and they all rely on malware-free and reliable file delivery.
We take the security of our CDN very seriously and want to ensure our service is bulletproof.

Scope

Except from static file delivery we also have a dynamic /g/ functionality which can combine on the fly multiple files and output them to the user. Documentation __

Tests on /g/ itself can be done on the server http://staging.jsdelivr.net/ __.
(Note: the root domain redirects to www.jsdelivr.com __which is out of scope. You need to provide a path to test it)
It is not used in production but it is clone of the actual server and can be used for penetration tests.

HTTPS or other vulnerabilities can be tested on cdn.jsdelivr.net as long as they don't pose a real threat to live users.

We expect vulnerability reports for any server or service owned or used by jsDelivr, including DNS, CDN providers, load balancing algorithm, VPS, installed software and anything else that can be used in a harmful way.

Our website www.jsdelivr.com __is out of scope for these tests as it does not contain any user information and it is completely isolated from the CDN infrastructure.

Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2019