Scope Release Event, Phase 1
Note: Verizon Media is now known as Yahoo.
Announcing the start of Phase 1 of this scope release event. Think of it like a new program is launching, but knowing that our legendary team of Paranoids and HackerOne stand behind this program already.
Please read the previous message for the event schedule.
Phase 1: Scope Release Announcement & Dupe Period
- Begin your recon and testing!
- New assets will be listed on the program page in the Scope section.
- Start submitting reports to us and make sure to use the new assets.
- All reports submitted during this period will be deduplicated against each other, any bounties will be evenly split among all reports for the same vulnerability.
- All duplicated reports during this phase will receive full credit when ranked at the end of this cycle.
- Register accounts (self-service) using your <username>@wearehackerone.com addresses.
- Make sure to add the X-Bug-Bounty: hackerone-<username> header to your traffic.
- Build By Girls (*.builtbygirls.com)
- BUILD (*.buildseries.com)
- MAKERS (*.makers.com)
- Mobile Apps included
- APIs included
- Note: jobs.builtbygirls.com is out of scope. Bugs found here should be reported to Jobboard.io. This is a third party and we do not authorize anyone to test this service.*
This phase will end on July 15.
If you have any questions, feel free to reach out to us however works for you. We’ve even stood up a channel, #verizonmedia, on the Bug Bounty Forum slack workspace to specifically engage in conversation with our bug hunter community.