Zendesk Managed Bug Bounty Engagement
Bounty Range
$100 - $50,000
external program
Zendesk Managed Bug Bounty Engagement
Bounty Range
$100 - $50,000
external program
Last Updated :12 Mar 2026 04:11:34 GMT+0[/engagements/zendesk/changelog/9fb94738-a217-47c4-aca5-a6b28f78b5c3](View changes)
Zendesk is the complete customer service platform, powered by AI. Equip your agents with powerful AI tools and workflows that boost efficiency and elevate customer experiences across every channel.
For the initial prioritisation/rating of findings, this program will use the [https://bugcrowd.com/vulnerability-rating-taxonomy](BugCrowd Vulnerability Rating Taxonomy). However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
The targets within scope are publicly accessible.
All research must be conducted using your own Zendesk instance which you can sign up for https://www.zendesk.com/register/.
When asked for an email, please provide your @bugcrowdninja.com email address.
When asked for your company name, please use the following: bb-
In cases where you need to create additional accounts or need to test beyond the trial period, please increment your company name with an appropriate integer or date-based string
Your account should end up with a domain name that looks like bb-acidburn-01.zendesk.com
In scope
Payment reward chartP1$5000 – $50000 P2$2000 – $4000 P3$750 – $1500 P4$500
We are pleased to accept submissions for vulnerabilities related to our Large Language Models (LLM’s) or AI feature offerings such as:
AI agents/Advanced AI Agents
AI Agent builder
Copilot
App Builder
Note that trail accounts have limited access to our AI features. We will consider full access to our AI features to researchers who meet certain criteria. If you meet the criteria outlined in the form and would like to apply, please fill out our https://forms.gle/XLVbqFQ3opensnt79
Examples of valid submissions:
Prompt injection / jailbreaks : model ignoring system prompt; instructions in user content that cause disclosure of secrets or execution of disallowed actions; nested/encoded instructions (base64, HTML comments) that change behaviour.
RAG (retrieval) poisoning & retrieval manipulation: malicious content inserted via connector causing the agent to cite/distribute false or malicious information; poisoning that causes persistent incorrect behaviour.
Retrieval/provenance bypass: retrieval returns low‑trust sources without provenance flags; system selects adversarial documents as top citations.
Response data leakage (PII, secrets, credentials): agent reveals API keys, customer PII, or internal secrets in output or follow‑ups.
Attachment exfiltration: uploading a document with hidden metadata/footers or Stenography based insertion of content that the agent reveals.
Model extraction / API fidelity attacks: surrogate model created from API queries, significant recovery of model behaviour or logic.
Membership inference & model inversion: proving that a given ticket or piece of PII was in training, or reconstructing sensitive training records.
Data poisoning / backdoors in training pipelines: injecting crafted examples during ingestion that create triggers/backdoors after retraining.
Action execution abuse / automation abuse: generating text that causes the system to run macros, update tickets, or call webhooks without proper authorization, or chaining prompts to escalate privileges.
Privilege escalation & auth flaws (API keys, token replay): broken access control allowing tenant cross‑access or token theft.
Cross‑tenant data leakage / multitenancy misconfigurations: queries returning other tenants’ tickets or content.
Show more
Name / Location | Tags | Known issues | Zendesk AIhttps://{subdomain}.zendesk.com/ |
API Testing
Large Language Model
Penetration Testing
+2 |
In scope
Payment reward chartP1$5000 – $20000 P2$2000 – $3000 P3$750 – $1500 P4$250
Vulnerabilities will only be accepted if they are executed within the context of an anonymous user, end-user or customer. These are the people who use Zendesk Support to request assistance, not agents or administrators, who use the various other parts of our platform (see below) to assist customers.
Messaging front end
Web widget and web widget SDK
Zendesk Mobile SDK on https://developer.zendesk.com/documentation/zendesk-sdks/#ios and https://developer.zendesk.com/documentation/zendesk-sdks/#android
Our social channel https://support.zendesk.com/hc/en-us/articles/4408831648794-Getting-started-with-social-messaging
Voice & Contact Center front end
Knowledge front end, including form submission (submit a request), My actives and My profile - *.zendesk.com/hc/
Authentication front end - *.zendesk.com/auth/
The following categories of vulnerabilities are ineligible for bounty:
Uploading of malicious attachments or malware, Refer to [https://support.zendesk.com/hc/en-us/articles/4408832757146-Enabling-attachments-in-tickets#topic_nrp_bnx_xdb](Enabling private attachments) and [https://support.zendesk.com/hc/en-us/articles/4483794022170-Managing-malicious-attachments#topic_jyj_r25_xsb__ul_h5j_mf5_xsb](About malware scanning)
Missing security controls related to HTTP headers, such as HSTS, CSP, X-Frame-Options or cookie directives.
XSS (or a behaviour) where you can only attack yourself (e.g. "Self XSS").
HTML injection or injection attacks that rely on phishing via links, images or use of the tag.
WebCache poisoning that only results in a DoS. To be eligible for a bounty please demonstrate a harmful HTTP response that can be served to other users.
Show more
Name / Location | Tags | Known issues | Zendesk Front Endhttps://{subdomain}.zendesk.com/ |
API Testing
AWS
GraphQL
+4 |
In scope
Payment reward chartP1$5000 – $10000 P2$2000 P3$500 P4$100
This is our core product and main platform for accessing all things Zendesk as an agent or administrator.
Agent workspace - *.zendesk.com/agent
Knowledge (previously Guide) - *.zendesk.com/knowledge/
Contact center
Analytics (previously Explore) *.zendesk.com/explore/
Workforce management (WFM) *.zendesk.com/wfm/
Quality assurance (QA) *.zendesk.com/qa
Admin center - *.zendesk.com/admin/
The following categories of vulnerabilities are ineligible for bounty:
Missing security controls related to HTTP headers, such as HSTS,CSP, X-Frame-Options or cookie directives..
XSS (or a behaviour) where you can only attack yourself (e.g. "Self XSS").
XSS on pages where administrators are intentionally given full HTML editing capabilities, such as custom theme editing
HTML injection or injection attacks that rely on phishing via links, images or use of the tag.
All issues affecting Contributor Role and Light Agent are ineligible for bounty until further notice.
API token scope/privilege issues allowing Admins to perform actions as other users are ineligible for bounty until further notice.
Show more
Name / Location | Tags | Known issues | Zendesk Suitehttps://{subdomain}.zendesk.com/ |
API Testing
AWS
GraphQL
+4 |
In scope
Payment reward chartP1$2000 P2$1000 P3$500 P4$100
Mobile applications provide a subset of agent or administrator functionality. This is not our SDK’s, which is covered in the Zendesk front end.
Zendesk iOS - [https://apps.apple.com/app/id1174276185](Apple App Store - Zendesk Support App)
Zendesk Android - [https://play.google.com/store/apps/details?id=com.zendesk.android&hl=en](Google App Store - Zendesk Support)
Submissions requiring the use of a jailbroken or rooted device are not eligible for bounty.
Name / Location | Tags | Known issues | Zendesk Mobile Applicationshttps://{subdomain}.zendesk.com/ |
API Testing
Swift
Mobile Application Testing
+4 |
In scope
Payment reward chartP1$2000 P2$1000 P3$500 P4$100
We welcome review of our public facing repositories for vulnerabilities. Any public repositories from the following organisations are in-scope:
Archived and forked repositories are not eligible for bounty.
Name / Location | Tags | Known issues | Zendesk Public Repositorieshttps://github.com/zendesk https://github.com/Tymeshift https://github.com/klausapp https://github.com/ultimateai |
Github
Code review |
In scope
Payment reward chartP1$2000 P2$1000 P3$500 P4$100
We provide customers & developers the ability to provide extensibility and integrations with our Products through Zendesk Marketplace. We also publish apps and integrations that can be found under the following profiles:
[https://www.zendesk.com/marketplace/partners/475/zendesk/](Zendesk owned apps & integrations)
[https://www.zendesk.com/marketplace/apps/support/4895/zendesk-workforce-management/](WFM app)
[https://www.zendesk.com/marketplace/partners/2196/ultimate/](Ultimate app)
[https://www.zendesk.com/marketplace/apps/support/181357/klaus/?queryID=9b0ed729ffdbec96657b1bd437baa91d](Klaus Support app)
Only Zendesk owned & developed applications are eligible for bounty. If you find vulnerabilities in other Marketplace apps, integrations or themes please contact the developer through the “contact us” button on the developers page.
Name / Location | Tags | Known issues | Zendesk Marketplace Apps created by Zendeskhttps://{subdomain}.zendesk.com/ |
API Testing
Penetration Testing
Website Testing
+1 |
Out of scope
Name / Location | Tags | Known issues | support.zendesk.com | | www.zendesk.com | | *.zdassets.com | | Zendesk for Sales or Zendesk Sell | | Zendesk supply chain, vendors and contractors | | Already public vulnerabilities (i.e. CVE’s) in infrastructure, frameworks or libraries we use | |
Testing is only authorized on the targets listed as in scope. Any domain/property of Zendesk not listed in the targets section is out of scope. This includes any/all subdomains not listed above. If you happen to identify a security vulnerability on a target that is not in scope, but it demonstrably belongs to Zendesk, you can report it to this engagement. However, be aware that it is ineligible for rewards or points-based compensation.
Not be employed by a current or prospective customer of ours, or otherwise be acting in a professional capacity on behalf of a customer of ours
You may submit a ticket per our [https://www.zendesk.com/au/company/policies-and-guidelines/responsible-disclosure-policy/](Responsible disclosure policy)
Report a qualifying vulnerability that is in the scope of our program
Be the first person to report the vulnerability
Follow this guidelines for creating an account
Only test against your own accounts and data
Be reasonable with automated scanning methods so as to not degrade services
Reports must contain a clear explanation of the issue and the security impact along with detailed steps to reproduce it. If the issue cannot be reliably reproduced based on your report, it may be considered ineligible for a reward
Reports must contain the trial account used to test
Reports must contain the URL or API path where the vulnerability was identified
Do not submit more than one vulnerability per report. In cases where demonstrating impact requires chaining multiple vulnerabilities together, those can be included in the same report as long as the linkage is clearly explained
We do not accept reports that contain low-effort or AI-generated content. Submissions must demonstrate original analysis, clear understanding of the issue, and actionable detail. Reports lacking meaningful human input will be rejected
When N-Day bugs are released to the public, we will consider these as in scope after 30 days has gone by
e.g: N-day released on 01/01/2025, we would consider it in-scope on 01/31/2025
Submissions related to leaked or exposed employee credentials (e.g., dark web forums, credential dumps) will be reviewed on a case-by-case basis and may qualify for points-based compensation only. The use of any leaked credentials during testing is strictly prohibited and may result in disqualification from the bounty program.
Unless otherwise stated in our targets or scope, Zendesk will not award bounties related to misconfigurations or vulnerabilities that originate from the responsibilities of “The Subscriber” per our shared responsibility model. You can find the definition of our shared responsibility model here:
[https://bugcrowd.com/vulnerability-rating-taxonomy](P5 vulnerabilities)
Availability/volumetric testing e.g.:
DoS/DDoS/Network DoS
Rate limiting bypass attempts
Email bombing or flooding
ALL forms of Social Engineering
SPF, DKIM, DMARC issues related to how we handle emails
Physical vulnerabilities or reports related to our offices
Reports related to individual employees of Zendesk or compromised account reports from 3rd party data breaches
In no event are you permitted to access, download or modify data residing in any other Account, or one that is not registered to you. We will not honour any issues which result from testing our customers.
You are also prohibited from:
You are prohibited from attempting to social engineer Zendesk staff including contacting Zendesk via our Support channels without identifying yourself as a security researcher.
You are prohibited from attempting to upgrade your trial account to a paid account without payment or otherwise attempting to circumvent charges or fees.
You are prohibited from executing or attempting to execute a Denial of Service attack.
Knowingly posting, transmitting, uploading, linking to, sending or storing any malicious or illegal software or files.
Testing in a manner that would result in the sending of unsolicited or unauthorised junk mail, spam, pyramid schemes or other forms of duplicative or unsolicited messages.
Attempting to rename an account or testing of the account name change functionality.
When conducting vulnerability research according to this policy, we consider this research to be:
Authorized in accordance with the Computer Fraud and Abuse Act (CFAA) (and/or similar state laws), and we will not initiate or support legal action against you for accidental, good faith violations of this policy;
Exempt from the Digital Millennium Copyright Act (DMCA), and we will not bring a claim against you for circumvention of technology controls;
Exempt from restrictions in our Terms & Conditions that would interfere with conducting security research, and we waive those restrictions on a limited basis for work done under this policy; and
Lawful, helpful to the overall security of the Internet, and conducted in good faith.
You are expected, as always, to comply with all applicable laws.
If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please inquire via our [https://bugcrowd-support.freshdesk.com/](Bugcrowd Support Portal) before going any further.
[/engagements/zendesk/announcements](View all announcements)
llamasoles announced The engagement Zendesk Managed Bug Bounty Engagement has transitioned to public
If you have any questions, please contact [mailto:[email protected]](Bugcrowd support).
More
https://bugcrowd.com/h/lolamero[/engagements/zendesk/hall_of_fames](Hall of Fame)
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please visit [https://bugcrowd-support.freshdesk.com/support/tickets/new](Bugcrowd Support) and create a support ticket. We will address your issue as soon as possible.
This engagement follows Bugcrowd’s [https://www.bugcrowd.com/resource/standard-disclosure-terms/](standard disclosure terms.)
This engagement does not allow disclosure. You may not release information about vulnerabilities found in this engagement to the public.