$500 – $5,000
equivalent rewards
Bug bounty hero

Sensay Bounty Programs

Earn up to $2,500 for functionality bugs and up to $5,000 for critical security vulnerabilities!

We highly value the contributions of researchers in helping us keep our platform safe.Through our security and bug bounty programs, we reward those who responsibly disclose vulnerabilities with SENSAY tokens.

Rewards

Rewards are paid in SENSAY tokens based on severity

critical
$500 - $5k
equivalent
high
$200 - $2k
equivalent
medium
$100 - 1k
equivalent
low
$100 - $500
equivalent

In-scope vulnerabilities

  • Cross-Site Scripting (XSS)
  • Server-Side Request Forgery (SSRF)
  • SQL Injection
  • Business Logic Vulnerabilities
  • Remote Code Execution
  • Access Control Issues
  • Authentication Bypass
  • Critical Information Disclosure
  • Insecure Direct Object References (IDOR)
  • CORS Misconfigurations

Out of scope

  • Theoretical vulnerabilities without proof
  • Clickjacking without clear impact
  • Social engineering attacks
  • CSV injection
  • DoS/DDoS attacks
  • Known public security issues
  • Rate limiting issues
  • Issues requiring physical access
  • Missing security headers (unless exploitable)
  • Findings from automated tools w/o manual verification
  • Self - XSS
  • Vulnerabilities in third-party services

Want to apply? Make sure you read our Terms and Instructions.