Our bug bounty program is meant to protect all parties of the platform and is regarded as the highest importance level here at Sellix.


We do compensate for vulnerabilities that affect the customers and/or end-users. Please keep in mind that we do not compensate self-reflected XSS or anything else that does not lead to the immediate danger of our users.

Please do note that flags and policies for our cookies and/or headers are set and cannot be changed on our end due to the technical specifications needed for our system.


Sellix provides rewards to all users depending on the severity of the report. At this time, rewards are private. You are able to receive payment in the form of cryptocurrency as well.


When you find a vulnerability or a platform-breaking bug, we advise you to keep it private it only report it to our engineering team. If found publicly releasing the bug or vulnerability, Sellix will not provide any reward.

Did this answer your question?