Rewards for researcher programs are determined by the severity of the report. The severity can be determined by using a CVSS-calculator. The available severities are Informational, Low, Medium, High and Critical. Each severity has a minimum reward.
We subtract the average reward amount from your researcher program budget per validated vulnerability, once you set the actual reward this amount will be subtracted from the researcher program budget. The amounts below are the rewards paid to the researcher and do not include a 30% handling fee.