Bug Bounty

Issue severity
Bonus GBX
Non existent (info provided is false and does not correspond to actual situation or not applicable to us or likely impossible to exploit)
1000 GBX
10 000 GBX
100 000 GBX

Targets in scope

Target name


Generally, any bug that poses a significant vulnerability, either to the security of our site or the integrity of our trading system, could be eligible for bonus.

Examples of security issues that typically would be eligible:

  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Code Injection
  • Remote Code Execution
  • Privilege Escalation
  • Authentication Bypass
  • Leakage of Sensitive Data

Please note that only vulnerabilities with a working proof of concept that shows how it can be exploited will be considered eligible for bonus.


Examples of issues that are not eligible for bonus:

  • Theoretical vulnerabilities without actual proof of concept
  • Vulnerabilities on sites hosted by third parties
  • Vulnerabilities contingent on physical attack, social engineering, spamming, DDOS attack, etc.
  • Vulnerabilities affecting outdated or unpatched browsers
  • Vulnerabilities in third party applications that make use of Globitex API
  • Lack of security flags in cookies
  • Content spoofing
  • Cache-control related issues
  • Exposure of internal IP addreses or domains
  • Missing security headers that do not lead to direct exploitation
  • Plain submission of results obtained by auto scanners
  • Vulnerabilities that require physical access to a user's device
  • Assets that do not belong to Globitex
  • Issues already known to us or already reported by someone else (reward goes to first reporter)

Investigation and Reporting

  • Avoid testing on accounts other than those that you own
  • Avoid using automated testing scanners
  • Avoid excessive request attempts
  • Don't violate the privacy of other users, destroy data, disrupt our services, etc
  • Initially report the bug only to us and not to anyone else

Caught a bug?

We use cookies to improve your experience and analyse site's usage. By using our site, you consent to cookies.