Jordan Wiens from United States of America has found a vulnerability in United Airlines network. The bug bounty was one million free air miles.
Jordan Wiens, a vulnerability researcher from Florida, was the first person to be rewarded for highest-level bug bounty.
According to United’s air lines bounty payout structure:
Low-level: Bug bounty: 50,000 free miles
- Cross-site scripting
- Cross-site request forgery
- Third-party issues that affect United
Medium-level: Bug bounty: 250,000 free miles
- Timing attacks
- Potential for personally identifiable information (PII) disclosure
- Brute-force attacks
- Authentication bypass
High-level: Bug bounty: 1,000,000 free miles
- Remote code execution
Jordan Wiens has announced his success on Twitter saying, “Wow! @united really paid out! Got a million miles for my bug bounty submissions! Very cool.”
Wow! @united really paid out! Got a million miles for my bug bounty submissions! Very cool. pic.twitter.com/CEclmhmyUq
— Jordan Wiens (@psifertex) July 10, 2015
According to one tweet on twitter claims that Wien’s reward is worth about $25,000/£16,051.