diff --git a/SECURITY.md b/SECURITY.md
index f63f9c3f277..09dc4712575 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -65,7 +65,7 @@ ONLY vulnerabilities discovered, when the following setup on test platform is us
 Scope is the web application (back office) and the APIs.
 
 
-## Qualifying vulnerabilities for Bug bounty programs
+## Qualifying vulnerabilities for reporting
 
 * Remote code execution (RCE)
 * Local files access and manipulation (LFI, RFI, XXE, SSRF, XSPA)
@@ -82,7 +82,7 @@ Scope is the web application (back office) and the APIs.
 * Stack traces or path disclosure (for non admin users only)
 
 
-## Non-qualifying vulnerabilities for Bug bounty programs, but qualified for reporting
+## Non-qualifying vulnerabilities for reporting
 
 * "Self" XSS
 * SSL/TLS best practices