Responsible Disclosure
Introduction
At Crowd Funded Cashback Community, we take the security of our systems and the protection of our users’ data seriously. We appreciate the efforts of security researchers and the wider community in helping us maintain a secure environment. If you have discovered a security vulnerability in our systems, we encourage you to responsibly disclose it to us.
Scope of Acceptable Reports
We are interested in receiving reports for vulnerabilities or security issues related to our website, applications, or infrastructure. Please ensure that your report is within the scope of our responsible disclosure program.
Reporting Process
To report a vulnerability, please follow these guidelines:
1. Send an email to info@crowdfundedcashbackcommunity.com with the subject line “Responsible Disclosure”
2. Provide a detailed description of the vulnerability, including the steps to reproduce it.
3. Include any supporting materials, such as proof-of-concept code or screenshots, to help us understand and validate the issue.
4. Do not exploit the vulnerability or access, modify, or delete any user data.
Responsible Disclosure Guidelines
We expect researchers to adhere to the following guidelines when reporting vulnerabilities:
1. Act in good faith and make every effort to avoid privacy violations, destruction of data, or interruption of our services.
2. Do not publicly disclose the vulnerability before we have had a reasonable amount of time to investigate and address it.
3. Do not perform any actions that could harm our systems or compromise the privacy of our users.
4. Respect the confidentiality of any non-public information you may have access to during your research.
Response and Communication
Upon receiving your vulnerability report, we will acknowledge the receipt within 3-4 business days. Our security team will investigate the issue and provide you with regular updates on the progress of the investigation. Once the vulnerability is resolved, we will notify you and, if desired, recognize your contribution publicly.
Recognition and Rewards
We value the efforts of security researchers and may offer recognition or rewards for responsibly disclosed vulnerabilities. This could include public acknowledgment, inclusion in our hall of fame, or participation in our bug bounty program. Please let us know if you would like to be considered for recognition.
Legal Considerations
We will not pursue legal action against researchers who follow the responsible disclosure guidelines and act in good faith. We request that you do not disclose the vulnerability to anyone else until we have resolved the issue.
Commitment to Security
At Crowd Funded Cashback Community, we are committed to maintaining the security and privacy of our users’ data. We have implemented robust security measures, including encryption, access controls, and regular security audits, to protect against unauthorized access or data breaches.
Updates and Changes
This responsible disclosure page may be updated or modified from time to time. We encourage researchers to check back periodically for any changes.
Date:- 31/10/2023