Security News > 2020 > April > Mozilla Offers Bigger Rewards for Firefox Vulnerabilities
Mozilla on Thursday announced some changes to its Firefox bug bounty program, including bigger rewards and its decision to accept duplicate reports in some cases.
The organization has been running a bug bounty program since 2004, and between 2017 and 2019 it paid out nearly $1 million for roughly 350 vulnerabilities.
Mozilla has now decided that the highest severity bugs can earn a researcher up to $10,000 if they're accompanied by a high quality report.
Mozilla also informed bug bounty hunters that it now allows duplicate submissions, which can be common in the case of researchers who are fuzzing Firefox Nightly builds and find the same vulnerability within hours of each other.
Mozilla has decided that the bug bounty for a flaw will be split among all researchers who reported the same issue within 72 hours of the first report.
News URL
Related news
- Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language (source)
- Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage (source)
- Mozilla warns users to update Firefox before certificate expires (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)