Mozilla Offers Up to $5,000 for Bypassing Firefox Security

Mozilla has announced an expansion of its bug bounty program, introducing a new category that rewards researchers not only for finding bugs but also for discovering methods to bypass Firefox’s security mechanisms.

Previously, bypassing security mechanisms was generally considered a low or medium severity issue. However, under the new Exploit Mitigation Bug Bounty program, researchers can now earn up to $5,000 for such findings.

How the Rewards Work

• Researchers can earn up to $5,000 for discovering ways to bypass security with privileged access.
• If a researcher finds a method to bypass security without elevated privileges (usually involving a chain of vulnerabilities), they are eligible for a reward for the vulnerability itself plus a 50% bonus for the bypass technique.

Additional Program Details

Mozilla continues to encourage researchers to test Firefox Nightly. However, vulnerabilities found in this build will only be rewarded if they are not detected by Mozilla’s own developers within four days of the buggy code being added to the repository.