Microsoft announces Xbox Bounty Program with bounty awards up to $20,000

Reading time icon 1 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Microsoft yesterday introduced the new Xbox Bounty Program. As part of this program, gamers, security researchers, and others can identify security vulnerabilities in the Xbox Live network and services and get bounty from the Xbox team. Depending on the severity and impact of the vulnerability and the quality of the submission, you can earn up to $20,000 USD.

The following are examples of vulnerabilities that may lead to one or more of the above security impacts:

  • Cross site scripting (XSS)
  • Cross site request forgery (CSRF)
  • Insecure direct object references
  • Insecure deserialization
  • Injection vulnerabilities
  • Server-side code execution
  • Significant security misconfiguration (when not caused by user)
  • Using a component with known vulnerabilities (when demonstrated with a working proof of concept)

You can learn more about this program from the source link below.

Source: Microsoft

More about the topics: 1TB Xbox One, microsoft, security vulnerabilities, xbox, xbox live, xbox one