Bug Bounty Program

At Khojo, we are committed to building a secure and reliable platform for everyone. We welcome responsible disclosures that help us identify and fix issues quickly. What You Can Report Security vulnerabilities (XSS, SQL Injection, auth bypass, etc.) Functional bugs (features not working properly) UI/UX issues (layout problems, responsiveness, visual glitches) Performance issues (slow loading, crashes, unexpected behavior) Rewards (BDT) UI / UX Issues: 400 – 4,000 Functional Bugs: 1,000 – 10,000 Medium-Level Security: 2,000 – 20,000 Critical Vulnerabilities: 4,000 – 40,000 Rewards are based on impact, clarity, and reproducibility. Submission Guidelines Provide clear steps to reproduce Include screenshots or video proof Explain the impact Submit original findings only Out of Scope Duplicate or known issues Spam or low-quality reports Automated scan results without validation Third-party service issues Rules No data access or destructive testing Proof-of-concept only Follow responsible disclosure How to Report Send your report to: [email protected] Include: Issue title Steps to reproduce Impact Attachments Our Commitment Review within 24–72 hours Fair rewards for valid reports Optional contributor recognition