We have a bug bounty program to identify and fix security vulnerabilities in our system. Security is crucial to us, and we encourage responsible disclosure of any issues found. Please note that we do not offer monetary or material rewards. Instead, we will acknowledge your contribution and resolve the issue as soon as possible. We value your efforts to keep our product secure and provide the best experience for all users.
Thank you for your continued support.
Out of Scope Vulnerabilities:
These vulnerabilities are not considered eligible for rewards or remediation as they do not align with the goals of the program or initiative:
- Software, applications, and other third-party solutions:
Software or applications that are not under our control and are owned by a third party. Please contact the third party directly for assistance with any such issues.
- Clickjacking (UI redressing).
- Cross-site scripting (XSS).
- Text Injection.
- The brute force of promo/coupon code.
- Social engineering attacks.
- Spam & rate limiting.
- SSL/TLS protocol vulnerabilities.
- Email/Phone number enumeration (user enumeration).
- Any activity that could lead to the DoS.
Please contact us for security questions or concerns.