Responsible Vulnerability Disclosure Program
No technology is perfect. As a security company, we take the security of our products and services seriously. We believe that working together with other skilled security researchers across the globe is crucial to offer secure solutions. We appreciate the work of the white hat community in responsibly reporting any vulnerabilities.
If you happen to find a vulnerability in our software please contact us immediately as part of this responsible disclosure program. Just send us an e-mail to firstname.lastname@example.org.
If possible/applicable include the following information:
- Affected Product(s)/versions/URLs
- System Details (Operating System, etc.)
- Technical Description and Reproduction Steps
- Proof of Concept how the Vulnerability can be abused
- Impact of the Vulnerability
- Other Parties/Products Involved
- Disclosure Plans/Dates
We only accept submissions that contain a full proof of concept that contains a description of how the vulnerability can be abused and how this impacts the services of Crashtest Security.
We accept submissions for this program for the following applications with a few exceptions:
Out of Scope
The following applications are out of scope:
- The chat functionality used on any of the sites in scope
Hall of Fame
We thank all security researchers that support our security efforts as part of our responsible disclosure program: