Adobe launched its first vulnerability disclosure program this week on the HackerOne platform. Only vulnerabilities in Adobe web applications or web-based services are in scope. The program will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. The bugs in scope of the program include most of the most common web app ailments, including cross-site request forgery, server-side code execution, authentication flaws, injection vulnerabilities, directory traversal, information disclosure, or security misconfiguration.
Source: https://threatpost.com/adobe-starts-vulnerability-disclosure-program-on-hackerone/111490/