Xsolla Bounty Program

Reporting Guidelines

Submit a form (link) below with a detailed report. This report should include as much of the following as possible:

Detailed description of the discovered flaw.
Link to the page containing the bug or affected products/websites (if applicable).
Type of bug.
Whether the information has been published or shared with others.
Step-by-step instructions to reproduce the bug or description of an exact location or a screenshot.
Impact (why you think it’s a bug and what trouble or damage it’s causing).
Impact (why you think functionality, process or content is flawed).
Recommendations for fixing/improving (optional).

Once submitted, we will acknowledge that we have received your report with an automated reply to ask for more info, and will continue our conversation via email when/if applicable. We will then review the information and work to validate the reported bug. In the event that a true bug is discovered, we will notify you.

rules

In Scope →

Out of Scope →

Reporting Guidelines →

Judging →

Rewards →

Our Commitment →

Responsible Disclosure Policy →

Contact Us

Report Submission

By submitting a bug report you agree to comply with the Xsolla Bounty Program Policy, which forbids public or private disclosure of the details of any vulnerability or bug on Xsolla before the 30 days after the bug has been fixed.

By participating in this program, you agree to adhere to the above rules and conditions. All rules must be followed to be eligible for rewards.

Thank you, your submission has been received

Another bug report

This form is temporarily out of order. We're already working to restore it. Try leaving your request again later or contact us directly at support@xsolla.com.

Privacy Policy
End User License Agreement
Legal Agreements