PayPal is withholding payment from a 17-year-old German hacker who found a vulnerability on its website, the teen claims.
Robert Kugler is not subject to PayPal's Bug Bounty program because he is not yet 18, according to PC World. Kugler will reach that milestone next March. Kugler told the publication that he found the bug on May 19, but PayPal responded via email that he was not subject to the program.
PayPal representatives could not be reached for comment. PayPal's Terms of Service for Bug Bounty don't mention an age guideline.
It's not clear how much Kugler would have received for identifying this vulnerability. Google has a similar program that pays anywhere from $100 to $20,000, depending on the issue. Facebook pays $500. Kugler has found bugs for Mozilla, and received as much as $1,500 in return, according to PC World.
Kugler's fix can be found here.