Bug Bounty Program

Help us make our services more secure!

Get rewards for finding and reporting security vulnerabilities.

Rewards

Severity Level	Reward	Examples
Critical	up to 5000 PLN	RCE, SQL Injection, XSS
High	up to 2000 PLN	CSRF, SSRF, IDOR
Medium	up to 1000 PLN	Open Redirect, Clickjacking
Low	up to 500 PLN	Information Disclosure

Program Rules

Do not exploit found vulnerabilities for purposes other than testing
Do not disclose information about found vulnerabilities to third parties
Do not perform load testing (DDoS)
Do not use automated scanners without prior consent
Respect user privacy

How to report a vulnerability?

Register in the Bug Bounty program
Conduct tests according to the rules
Prepare a detailed report containing:
- Vulnerability description
- Steps to reproduce
- Potential impact
- Proposed solution
Submit the report through the dedicated form

Report a Vulnerability

Report Title

Severity Level

Vulnerability Description

Steps to Reproduce

Potential Impact

Proposed Solution