Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
peloton
5
In Scope
1
Out of Scope
In-Scope Assets (5)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| cms.onepeloton.com | URL | No | ||
| cosmos-stage.onepeloton.com | URL | No | ||
| cosmos.onepeloton.com | URL | No | ||
| qa1-cms.onepeloton.com | URL | No | ||
| www.onepeloton.com | URL | No |
Out-of-Scope Assets (1)
| Asset | Category | Bounty | |
|---|---|---|---|
| Security vulnerabilities that are identified in Peloton products or in website domains owned, operated, or controlled by Peloton that are not listed above are OOS | OTHER | No |