How to report a security issue related to Uber products
In order to promote the continued security of Uber’s products and services, we operate a Bug Bounty Program where Uber users can submit information about product vulnerabilities.
Product vulnerabilities
Uber uses the HackerOne platform to receive and review product-related vulnerabilities. Uber’s Bug Bounty Program is focused on securing the data of our users and company assets. Therefore, our approach is to evaluate any given report based on the specific security impact for users (versus domain and vulnerability class). Issues that do not have an information security—related impact will be closed.
Please visit our HackerOne page to get a better understanding about the program and the rules of engagement.
About