Report bugs on GoDaddy's website
We offer a reward for any security bugs (defined below) reported to us that affect any of the following sites:
Accepted bug types
You can a receive a bounty for submitting any of the following types of bugs:
- Cross Site Scripting (XSS)
- Authentication and Authorization Flaws
- Cross Site Request Forgery (CSRF)
- Remote Code Execution
- SQL Injection
- Directory Traversal
- Privilege Escalation
Send us the bug
- Visit https://cobalt.io/
- Click Sign in.
- Either log in to an existing account or click Become a Researcher on the bottom-right corner of the pop-up window and complete the fields.
- Email us your Cobalt username to email@example.com.
You will receive a confirmation email from Cobalt once we have added you to our program.
- After this confirmation, log in to your account and review the terms of the program located at https://cobalt.io/godaddy/godaddy-beta.
- Click Submit Vulnerability, and then submit the information.