View on HackerOne
Welcome to Mail.Ru's Bug Bounty Program

Since April 2014 Mail.Ru has been accepting bug reports through HackerOne for our projects such as Mail, Cloud, Calendar, and Mail.Ru for Business.

If you are just starting to look for bugs in our projects, take a look at the terms and conditions by clicking the button →

Examples of rewards for discovered bugs

Payments are made through HackerOne

FOR
auth.mail.ru
FOR PROJECTS
WITHIN SCOPE
$10 000
Remote code execution
(RCE)
$3 000
$5 000
File system access
(LFR, RFI, XXE)
$2 000
$5 000
Injections (SQLi or the equivalent)
$2 000
$500
Cross-site scripting
(XSS) other than self-XSS
$150-500
$150-300
Cross-site request forgery
(СSRF, Flash crossdomain requests)
$150
Configuration errors
$150-300
Project on HackerOne

You are using an unsupported browser

You are need modern browser