Nginx is a free, open-source, high-performance HTTP server and reverse proxy. It powers some of the most important sites on the web, making it an undeniably critical piece of internet infrastructure. The project has a strong security track record and uncovering potential vulnerabilities is increasingly difficult. These bounties are our way of saying "Thanks" to the security researchers who take up this challenge.
The project maintainers have final decision on which issues constitute security vulnerabilities. The Panel will respect their decision, and we ask that you do as well. Our rewards are tied to the severity level as determined by the project.
It's important to keep in mind that not all submissions will qualify for a bounty, and that the decision to award a bounty is entirely at the discretion of the Panel.
The public program Nginx (IBB) on the platform Hackerone has been updated on 2019-08-02, The lowest reward is 500 $.