Xsolla Bounty Program

Reporting Guidelines

Submit a form (link) below with a detailed report. This report should include as much of the following as possible:

  • Detailed description of the discovered flaw.
  • Link to the page containing the bug or affected products/websites (if applicable).
  • Type of bug.
  • Whether the information has been published or shared with others.
  • Step-by-step instructions to reproduce the bug or description of an exact location or a screenshot.
  • Impact (why you think it’s a bug and what trouble or damage it’s causing).
  • Impact (why you think functionality, process or content is flawed).
  • Recommendations for fixing/improving (optional).

Once submitted, we will acknowledge that we have received your report with an automated reply to ask for more info, and will continue our conversation via email when/if applicable. We will then review the information and work to validate the reported bug. In the event that a true bug is discovered, we will notify you.

Contact Us

Report Submission

By submitting a bug report you agree to comply with the Xsolla Bounty Program Policy, which forbids public or private disclosure of the details of any vulnerability or bug on Xsolla before the 30 days after the bug has been fixed.

By participating in this program, you agree to adhere to the above rules and conditions. All rules must be followed to be eligible for rewards.

Choose file...

Thank you, your submission has been received

This form is temporarily out of order. We're already working to restore it. Try leaving your request again later or contact us directly at support@xsolla.com.