If you find a security vulnerability on our website, please contact us immediately. We review all legitimate reports and aim to resolve issues quickly.

Guidelines for Reporting

To ensure your report is handled safely:

  • Give us reasonable time to review and fix the issue before sharing it publicly.
  • Do not access private accounts without the owner’s consent.
  • Avoid actions that could harm privacy, disrupt services, or destroy data.
  • Do not exploit the issue for any reason.
  • Follow all applicable laws and regulations.

Bounty Program

We reward security researchers who help protect our platform. Bounties are awarded at our discretion based on risk, impact, and report quality.

To qualify:

  • Follow the guidelines above.
  • Report a valid security vulnerability.
  • Submit your report through our official contact (do not contact employees directly).
  • Disclose any accidental privacy violations in your report.

Rewards

Rewards depend on the severity of the vulnerability:

Critical — $200
Remote code execution, full account access, SQL injection leaking data

High — $100
Authentication bypass, sensitive data disclosure, stored XSS

Medium — $50
Logic or business process flaws, insecure object references

Low — Recognition Only
Open redirects, reflected XSS, low-sensitivity data leaks

Notes:

  • The first valid report receives the bounty.
  • Multiple bugs from a single issue count as one report.
  • Rewards are based on impact, exploitability, and report quality.

Contact Information

Trade Name: Msxsoft LLC
Address: 11 NE 70th St, Miami, FL 33138, United States
Phone: +1 440-335-1109
Email: contact@msxsoft.com