Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
moneytreekkog
11
In Scope
3
Out of Scope
In-Scope Assets (11)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://app-staging.getmoneytree.com | URL | No | ||
| https://apps.apple.com/vc/app/moneytree-finance-made-easy/id586847189 | IOS | No | - | |
| https://business-staging.getmoneytree.com/ | URL | No | ||
| https://jp-api-staging.getmoneytree.com | URL | No | ||
| https://myaccount-staging.getmoneytree.com | URL | No | ||
| https://play.google.com/store/apps/details?id=jp.moneytree.moneytree&hl=en_AU&gl=US | ANDROID | No | ||
| https://redash-staging.getmoneytree.com/ | URL | No | ||
| https://vault-staging.getmoneytree.com | URL | No | ||
| https://wwws-staging.moneytree.jp/link/ | URL | No | ||
| https://wwws-staging.moneytree.jp/link/mobile/ | URL | No | ||
| https://wwws-staging.moneytree.jp/link/mobile/#/signup?client_id=38d99a6e8e9fc87c866f5aa82bdc2569c464b2323a55e0b28f658efa678e9623&redirect_uri=https://wwws-staging.moneytree.jp/link/mobile/callback&response_type=token&scope=guest_read+accounts_read+transactions_read+request_refresh | URL | No |
Out-of-Scope Assets (3)
| Asset | Category | Bounty | |
|---|---|---|---|
| Any production asset of Moneytree KK (excepting the iOS app) | URL | No | |
| getmoneytree.com | URL | No | |
| moneytree.jp | URL | No |