Expands bug bounty programme to include ream of new services
From V3:
From V3:
The expansion means bug hunters that spot flaws that could be used for cross-site scripting (XSS), cross-site request forgery (CSRF), cross-tenant data tampering, insecure direct object references, remote code injection, server-side code execution, privilege escalation, and security misconfigurations will receive a minimum payment of $500.Microsoft offers cash for Outlook, Office365, SharePoint, and Yammer bugs
Researchers looking for payment will have to follow Microsoft's ethical testing guidelines and will be prohibited from several practices.
