We want to hear about security vulnerabilities in our products and services. In order to reward security researchers, we offer rewards for eligible security vulnerability reports that are disclosed to us. To honour all cutting-edge external contributions that help us keep our product safe, we conduct a Vulnerability Reward Program. The goal of this program is to collect significant vulnerabilities that have a direct and demonstrable impact. "Vulnerability" refers to any bug, flaw, behavior, output, outcome, or event within an application, system, or service which can bring risks or increase security exposures.
Identify a vulnerability that has not been previously reported to our team.
The vulnerability severity must be critical or important. This means it has to be a significant threat.
You must include clear and concise steps to understand and fix the issue in text or video format.
You cannot violate any applicable laws, regulations, policies or third party’s right, and submission data must be your own.
You should not expose the issue to any other party without our prior written consent.
Vulnerability examples: Code execution, logic vulnerability, denial of service, access acquisition, or injection.
Vulnerability examples: Access acquisition, data breach, code execution, injection, unauthorized access, and denial of service.
Other security vulnerabilities or intelligence vulnerabilities assessed according to factors like the importance of the service and exploitability
Submit your report by email to firstname.lastname@example.org with the email title format: (date)_(reporter's name)_(short description). For example, "20210719_John_SQL injection in Website". This format is a mandatory condition for your report. Please note that by submitting us a vulnerability report, you grant us a perpetual, worldwide, royalty-free, irrevocable and non-exclusive right to use, modify, and incorporate your submission into our products, services, or test system without any further obligations or notices to you. Read more about our Terms & Conditions