Quora

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.quora.com URL critical
* Automated security testing against the site or APIs are not allowed. * Localize all your tests to the account you are using to test. Don't affect other users. * Findings derived primarily from social engineering (e.g. phishing) are not allowed. * Follow HackerOne's [disclosure guidelines] (https://hackerone.com/guidelines).
com.quora.android GOOGLE_PLAY_APP_ID critical
The latest version of Android app installed from the official store at: https://play.google.com/store/apps/details?id=com.quora.android
com.quora.app.mobile APPLE_STORE_APP_ID critical
The latest version of iOS app installed from the official store at: https://itunes.apple.com/us/developer/quora-inc/id456034440

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity