We are actively running a bug bounty program to keep our site secure. If you find any vulnerabilities in our static site, especially related to the search feature or frontend code, you can report them here. Rewards are offered based on the severity of the issue:
Stored XSS (Search / Content Injection), $750
DOM-based XSS, $650
Supply Chain Attack (JS Dependencies), $600
Malicious Index Injection, $500
Open Redirect, $450
Content Spoofing / Defacement, $400
Clickjacking, $350
CORS Misconfiguration, $300
Information Disclosure (Build Artifacts), $250
Cache Poisoning, $200
Directory Listing / Hidden Files, $150
Missing Security Headers, $100
How to Report:
Please send a detailed report including the steps to reproduce the issue. We verify all submissions before issuing rewards. Only vulnerabilities related to the site’s code, search feature, or hosting pipeline are eligible.