The program has very specific examples of what qualifies for a reward, such as cross-site scripting (XSS), SQL injection, server-side remote code execution (RCE) and others. You can find what it it is, and isn’t, looking for here. Or, you can peruse the company’s blog post for information about specific technologies in use across several Uber Web properties, including:
- iPhone Rider Application
- iPhone Partner Application
- Android Rider Application
- Android Partner Application
If you find a bug, you’ll be paid $3,000 to $10,000 for issues for one of the items on its hit list, or you’ll get a nice firm pat on the back if you find an issue related to fraud, as Uber isn’t currently rewarding those who find fraud issues.