Responsible Disclosure of Security Vulnerabilities
We want to keep Sejda safe for everyone. If you've discovered a security vulnerability in Sejda, we appreciate your help in disclosing it to us in a responsible manner.
Would like to disclose a security vulnerability? Please contact us by email at
We provide bug bounty rewards, based on the severity of the issue being disclosed. Once a vulnerability is reported, if we consider it valid, and we evaluate it to have a high enough severity, we might offer a bounty reward.
Out of scope
The following domains are out of scope, unless the vulnerability allows attacking the main site:
- blog.sejda.com
- status.sejda.com
Responsible Disclosure Acknowledgements
Sejda wishes to thank the following security researchers who have responsibly disclosed vulnerabilities:
- Danang Avan Maulana
- Darshan Jogi