Until December 1, 2023, the first report to contain a full chain exploit leading to a Chrome sandbox escape,
Google says, may receive up to $180,000, or even more if cumulated with other bonuses, which is triple the current reward amount.
Subsequent full chain exploits that are submitted during the timeframe may receive up to $120,000, which is double the current reward amount. All reports should be submitted through the Chrome vulnerability rewards program.
“We’re always interested in explorations of new and novel approaches to fully exploit Chrome browser and we want to provide opportunities to better incentivize this type of research. These exploits provide us valuable insight into the potential attack vectors for exploiting Chrome and allow us to identify strategies for better hardening specific Chrome features,” the internet giant says.
