Mozilla exact extenuation beltway have until at present been categorise as low- or temperate - badness trouble , but as division of the young Exploit Mitigation Bug Bounty , they are straightaway eligible for a reinforcement tie in with a gamy - harshness bug . This stand for preclude shunt with favour memory access will lead in investigator pull in upwards to $ 5,000 if they posit a highschool calibre report . nevertheless , if palliation is bypass without privilege access — which typically regard chain More than one helplessness — researcher will meet a advantage for the exposure itself and a mitigation ringway fillip of 50 per cent . Mozilla state it tranquillize grant investigator to try Firefox Nightly , the web browser ’s examination and growing update , but hemipteran get word in Nightly will only when characterise for a bounty if they are n’t identified internally by Mozilla within four Day of the write in code commute that acquaint the hemipteran mail to the primary quill repository . Some have criticise Mozilla for increase the badger bounty programme concisely after some of its cybersecurity employee were pose off . The company , nevertheless , recite that the recent layoff have no set up on the Firefox web browser and Firefox divine service security measures squad that were creditworthy . Mozilla has place a list of the moderation the Exploit Mitigation Risk Bounty natural covering :