As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. But here is a question that begs to be answered: how much is a vulnerability worth? The question becomes ‘Is this too much to pay for a vulnerability?’ The question is whether you should ask yourself whether you are ‘shifting left’ enough to fix a vulnerability, or whether you’ve also mitigated the additional cost of refactoring code and pushing a single build to fix it.
Source: https://www.helpnetsecurity.com/2021/01/25/how-much-is-a-vulnerability-worth/