You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -4,4 +4,16 @@ Security is very important to us. If you discover any issue regarding security,
All software related security bugs with severity of medium and higher will be awarded accordingly with a bug bounty reward.
Due to on premise nature of our software, all server configuration related issues will be reported to related departments/parties/companies, but we cannot guarantee any bounty rewards for them.
# Vulnerability levels
**Critical Severity:** software can be exploited at any time without any additional information
**High Severity:** some additional information, access or action required (from the user, like clicking on injected link) for software to be exploited
**Medium Severity:** the impact is limited (for example, can only access limited information) or requires special conditions to achieve it (when server is configured in specific way)
**Low** - no bounty rewards, does not directly lead to vulnerability, but provides a possibility (like exposing software version, which can be mapped to specific vulnerabilities), old dependencies, server misconfiguration
**Exclusion**
Server specific configurations and deployment specific configurations due to on premise nature of our software.
All server configuration related issues will be reported to related departments/parties/companies, but we cannot guarantee any bounty rewards for them.
