Lightspeed Retail (X-Series)

  • $20 – $6,250 per vulnerability
  • Safe harbor
  • Solo-Only

Program stats

  • Vulnerabilities rewarded 14
  • Validation within 5 days 75% of submissions are accepted or rejected within 5 days
  • Average payout $130 within the last 3 months

Latest hall of famers

Recently joined this program

109 total

Introduction

Lightspeed Retail X-Series bug bounty program aims to build stronger relationships with the security community by rewarding security researchers for their work in finding security vulnerabilities.

This page is intended for security researchers. For general information about security, please see our main website.

Important Notes

We will make a best effort to meet the following response targets for white hat hackers participating in our program:
Time to First Response: 1 day
Time to Triage: 2 days
Time to Bounty: within 5 business days
Time to Remediate: Up to 90 days (may be dependent on the severity and complexity, excluding extenuating circumstances)

Public Disclosure Policy

  • Please do not discuss any vulnerabilities (even resolved ones) outside of the program without express consent from Lightspeed.
  • This program follows Bugcrowd’s disclosure guidelines.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.